CWE:
 

Topic
Date
Author
High
Google SketchUp lib3ds 3DS Importer Memory Corruption
18.01.2010
CORE


CVEMAP Search Results

CVE
Details
Description
2020-07-01
Low
CVE-2020-15470

Vendor: Ffjpeg project
Software: Ffjpeg
 

 
ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c.

 
Medium
CVE-2020-15474

Vendor: NTOP
Software: NDPI
 

 
In nDPI through 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c.

 
2020-06-30
Medium
CVE-2017-18922

Vendor: Libvncserver project
Software: Libvncserver
 

 
It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow.

 
2020-06-28
Low
CVE-2020-15365

Vendor: Libraw
Software: Libraw
 

 
LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.

 
2020-06-27
Medium
CVE-2020-15358

Vendor: Sqlite
Software: Sqlite
 

 
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.

 
2020-06-26
Low
CVE-2020-15306

Vendor: Openexr
Software: Openexr
 

 
An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.

 
High
CVE-2020-9554

Updating...
 

 
Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

 
High
CVE-2020-9555

Updating...
 

 
Adobe Bridge versions 10.0.1 and earlier version have a stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

 
High
CVE-2020-9556

Updating...
 

 
Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

 
High
CVE-2020-9559

Updating...
 

 
Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

 

 


Copyright 2020, cxsecurity.com

 

Back to Top