CWE:
 

Tytuł
Data
Autor
High
Common Desktop Environment 2.3.1 Buffer Overflow
20.01.2020
Marco Ivaldi
Med.
Torrent FLV Converter 1.51 Build 117 Stack Overflow
19.01.2020
Antonio
High
Allok Video Converter 4.6.1217 Stack Overflow
16.01.2020
Antonio de la Piedra
Low
Allok RM RMVB To AVI MPEG DVD Converter 3.6.1217 Stack Overflow
14.01.2020
Antonio De la Piedra
Med.
Allok Video Converter 4.6.1217 Stack Overflow
14.01.2020
Antonio De la Piedra
High
EBBISLAND EBBSHAVE 6100-09-04-1441 Remote Buffer Overflow
10.01.2020
Harrison Neal
High
Domain Quester Pro 6.02 Stack Overflow (SEH)
06.01.2020
boku
Med.
AVS Audio Converter 9.1.2.600 Stack Overflow
31.12.2019
boku
Med.
FTP Navigator 8.03 Stack Overflow
31.12.2019
boku
High
AVS Audio Converter 9.1 Buffer Overflow
19.12.2019
ZwX
High
FTP Commander Pro 8.03 Local Stack Overflow
15.12.2019
boku
High
Integard Pro NoJs 2.2.0.9026 Remote Buffer Overflow
11.12.2019
purpl3f0xsecur1ty
High
Anviz CrossChex 4.3.12 Local Buffer Overflow
03.12.2019
Pedro Rodrigues
High
Free MP3 CD Ripper 2.8 Buffer Overflow
25.11.2019
Malav Vyas
High
Free MP3 CD Ripper 2.8 Buffer Overflow / Denial Of Service
25.11.2019
Malav Vyas
High
nipper-ng 0.11.10 Remote Buffer Overflow
19.11.2019
Guy Levin
High
SMPlayer 19.5.0 Buffer Overflow / Denial Of Service
16.11.2019
Malav Vyas
High
Ayukov NFTP 1.71 Buffer Overflow
05.11.2019
Chase Hatch
High
Aida64 6.10.5200 Buffer Overflow
05.11.2019
daejinoh
High
WMV To AVI MPEG DVD WMV Converter 4.6.1217 Buffer Overflow
01.11.2019
Doan Nguyen
High
Win10 MailCarrier 2.51 Buffer Overflow
30.10.2019
Dino Covotsos
High
X.Org X Server 1.20.4 Local Stack Overflow
17.10.2019
Marcelo Vazquez
High
DeviceViewer 3.12.0.1 Local Buffer Overflow
10.10.2019
Alessandro Magnosi
High
libyal libfwsi Buffer Overread
09.10.2019
Mishra Dhiraj
High
freeFTP 1.0.8 Remote Buffer Overflow
07.10.2019
Chet Manly
High
ASX To MP3 Converter 3.1.3.7 Local Stack Overflow
07.10.2019
max7253
High
File Sharing Wizard 1.5.0 DELETE SEH Buffer Overflow
05.10.2019
Striker
High
DameWare Remote Support 12.1.0.34 Buffer Overflow
02.10.2019
Xavi Beltran
High
File Sharing Wizard 1.5.0 SEH Buffer Overflow
25.09.2019
x00pwn
High
ChaosPro 2.1 SEH Buffer Overflow
14.09.2019
securitychops
High
ChaosPro 3.1 SEH Buffer Overflow
05.09.2019
securitychops
High
ChaosPro 3.1 SEH Buffer Overflow
05.09.2019
securitychops
High
Realtek Managed Switch Controller RTL83xx Stack Overflow
27.08.2019
bashis
Med.
ABC2MTEX 1.6.1 Command Line Stack Overflow
17.08.2019
Carter Yagemann <yagem...
High
pdfresurrect 0.15 Buffer Overflow
27.07.2019
j0lama
High
Streamripper 2.6 Song Pattern Buffer Overflow
17.07.2019
Andrey Stoykov
High
PCMan FTP Server 2 ALLO Buffer Overflow
16.07.2019
Nassim Asrir
High
SNMPc Enterprise Edition 9 / 10 Mapping Filename Buffer Overflow
12.07.2019
xerubus
High
Apache mod_ssl < 2.8.7 OpenSSL OpenFuckV2.c Remote Buffer Overflow
09.07.2019
Brian
High
ABB IDAL HTTP Server Stack-Based Buffer Overflow
25.06.2019
Eldar Marcussen
High
Thunderbird ESR < 60.7.XXX icalrecur_add_bydayrules Stack-Based Buffer Overflow
21.06.2019
X41 D-SEC GmbH, Luis M...
High
Tuneclone 2.20 SEH Buffer Overflow
21.06.2019
Achilles
High
Netperf 2.6.0 Buffer Overflow
18.06.2019
Juan Sacco
High
Aida64 6.00.5100 Log to CSV File Local SEH Buffer Overflow
17.06.2019
Nipun Jaswal
Med.
Cisco RV130W 1.0.3.44 Remote Stack Overflow
05.06.2019
0x00string
High
DVD X Player 5.5 Pro Local Buffer Overflow
05.06.2019
Kevin Randall
Med.
NUUO NVRMini 2 3.9.1 Stack Overflow
05.06.2019
0x00string
High
Huawei eSpace 1.1.11.103 Unicode Stack Buffer Overflow
23.05.2019
LiquidWorm
High
Huawei eSpace 1.1.11.103 Meeting Heap Overflow
23.05.2019
LiquidWorm
High
Lotus Domino 8.5.3 EXAMINE Stack Buffer Overflow
11.05.2019
Charles Truscott
High
MiniFtp parseconf_load_setting Buffer Overflow
09.05.2019
strider
High
Admin Express 1.2.5.485 Buffer Overflow
08.05.2019
Connor McGarr
High
Xitami Web Server 2.5 Remote Buffer Overflow
07.05.2019
ElSoufiane
High
Freefloat FTP Server 1.0 SIZE Buffer Overflow
01.05.2019
Kevin Randall
High
Freefloat FTP Server 1.0 STOR Buffer Overflow
01.05.2019
Kevin Randall
High
Freefloat FTP Server 1.0 SIZE Remote Buffer Overflow
01.05.2019
Kevin Randall
High
Lavavo CD Ripper 4.20 Buffer Overflow
26.04.2019
Achilles
High
MailCarrier 2.51 USER Buffer Overflow
15.04.2019
Dino Covotsos
High
MailCarrier 2.51 LIST Buffer Overflow
15.04.2019
Dino Covotsos
High
FTPShell Server 6.83 Account Name To Ban Local Buffer Overflow
11.04.2019
Dino Covotsos
High
FTPShell Server 6.83 Virtual Path Mapping Local Buffer Overflow
11.04.2019
Dino Covotsos
High
AIDA64 Extreme / Engineer / Network Audit 5.99.4900 SEH Buffer Overflow (EggHunter)
10.04.2019
Peyman Forouzan
High
TP-LINK TL-WR940N / TL-WR941ND Buffer Overflow
10.04.2019
Grzegorz Wypych
High
AllPlayer 7.4 SEH Buffer Overflow
09.04.2019
Chris Au
High
FlexHEX 2.71 Buffer Overflow
09.04.2019
Chris Au
High
AIDA64 Engineer 5.99.4900 Buffer Overflow
05.04.2019
Anurag Srivastava
High
AIDA64 Business 5.99.4900 SEH Buffer Overflow
04.04.2019
Peyman Forouzan
High
Base64 Decoder 1.1.2 Buffer Overflow
31.03.2019
Paolo Perego
High
Firefox Array.prototype.slice Buffer Overflow
28.03.2019
Xuechiyaobai
High
X-NetStat Pro 5.63 Local Buffer Overflow
25.03.2019
Peyman Forouzan
High
DVD X Player 5.5.3 Buffer Overflow
22.03.2019
Paolo Perego
High
NetShareWatcher 1.5.8.0 Local SEH Buffer Overflow
21.03.2019
Peyman Forouzan
High
Advanced Host Monitor 11.92 Beta Local Buffer Overflow
20.03.2019
Peyman Forouzan
High
Mail Carrier 2.5.1 Buffer Overflow
16.03.2019
Joseph McDonagh
High
NetSetMan 4.7.1 Buffer Overflow
12.03.2019
Devin Casadey
High
Anyburn 4.x x86 Buffer Overflow
08.03.2019
Hodorsec
High
Virtual VCR Max .0a Buffer Overflow
25.02.2019
Wade Guest
High
Realterm Serial Termianl 2.0.0.70 Buffer Overflow
19.02.2019
Alejandra Sanchez
High
PassFab Excel Password Recovery 8.3.1 SEH Buffer Overflow
02.02.2019
Achilles
High
UltraISO 9.7.1.3519 Local Buffer Overflow
01.02.2019
Dino Covotsos
High
R i386 3.5.0 Local Buffer Overflow
01.02.2019
Dino Covotsos
High
Faleemi Desktop Software 1.8 Local Buffer Overflow
30.01.2019
bzyo
High
CloudMe Sync 1.11.2 Buffer Overflow
29.01.2019
hyp3rlinx, Matteo Malv...
High
Echo Mirage 3.1 Buffer Overflow
23.01.2019
InitD Community
High
GattLib 0.2 Stack Buffer Overflow
22.01.2019
Mishra Dhiraj
High
Code Blocks 17.12 Local Buffer Overflow
12.01.2019
bzyo
High
RGui 3.5.0 Buffer Overflow
11.01.2019
bzyo
High
MAGIX Music Editor 3.1 Buffer Overflow
30.12.2018
bzyo
High
Terminal Services Manager 3.1 Local Buffer Overflow
28.12.2018
bzyo
High
Iperius Backup 5.8.1 Buffer Overflow
27.12.2018
bzyo
High
MegaPing Local Buffer Overflow Denial of Service
25.12.2018
Achilles
High
PCRE 8.41 Buffer Overflow
23.12.2018
Jiawang Zhang
High
Base64 Decoder 1.1.2 SEH Local Buffer Overflow
21.12.2018
bzyo
High
Exel Password Recovery 8.2.0.0 Buffer Overflow / Denial Of Service
20.12.2018
Achilles
High
PassFab RAR 9.3.4 SEH Buffer Overflow
20.12.2018
Achilles
High
PDF Explorer 1.5.66.2 SEH Buffer Overflow
20.12.2018
Achilles
High
MegaPing Buffer Overflow / Denial Of Service
19.12.2018
Achilles
High
AnyBurn 4.3 Buffer Overflow / Denial Of Service
19.12.2018
Achilles
High
Nsauditor 3.0.28.0 Buffer Overflow
19.12.2018
Achilles
High
Zortam MP3 Media Studio 24.15 Local Buffer Overflow
15.12.2018
Manpreet Singh Kheberi


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2020-01-22
Low
CVE-2019-20391

Vendor: Cesnet
Software: Libyang
 

 
An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolve_feature_value() when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash.

 
Low
CVE-2019-20392

Vendor: Cesnet
Software: Libyang
 

 
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash.

 
2020-01-15
High
CVE-2020-1603

Vendor: Juniper
Software: Junos
 

 
Specific IPv6 packets sent by clients processed by the Routing Engine (RE) are improperly handled. These IPv6 packets are designed to be blocked by the RE from egressing the RE. Instead, the RE allows these specific IPv6 packets to egress the RE, at which point a mbuf memory leak occurs within the Juniper Networks Junos OS device. This memory leak eventually leads to a kernel crash (vmcore), or the device hanging and requiring a power cycle to restore service, creating a Denial of Service (DoS) condition. During the time where mbufs are rising, yet not fully filled, some traffic from client devices may begin to be black holed. To be black holed, this traffic must match the condition where this traffic must be processed by the RE. Continued receipt and attempted egress of these specific IPv6 packets from the Routing Engine (RE) will create an extended Denial of Service (DoS) condition. Scenarios which have been observed are: 1. In a single chassis, single RE scenario, the device will hang without vmcore, or a vmcore may occur and then hang. In this scenario the device needs to be power cycled. 2. In a single chassis, dual RE scenario, the device master RE will fail over to the backup RE. In this scenario, the master and the backup REs need to be reset from time to time when they vmcore. There is no need to power cycle the device. 3. In a dual chassis, single RE scenario, the device will hang without vmcore, or a vmcore may occur and then hang. In this scenario, the two chassis' design relies upon some type of network level redundancy - VRRP, GRES, NSR, etc. - 3.a In a commanded switchover, where nonstop active routing (NSR) is enabled no session loss is observed. 4. In a dual chassis, dual chassis scenario, rely upon the RE to RE failover as stated in the second scenario. In the unlikely event that the device does not switch RE to RE gracefully, then the fallback position is to the network level services scenario in the third scenario. This issue affects: Juniper Networks Junos OS 16.1 versions prior to 16.1R7-S6; 16.1 version 16.1X70-D10 and later; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D50, 18.2X75-D410; 18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R1-S6, 18.4R2-S2, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2. This issue does not affect releases prior to Junos OS 16.1R1.

 
2020-01-14
Medium
CVE-2013-7185

Vendor: DAUM
Software: Potplayer
 

 
PotPlayer 1.5.40688: .avi File Memory Corruption

 
High
CVE-2020-0603

Vendor: Microsoft
Software: Asp.net core
 

 
A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'.

 
High
CVE-2020-0640

Updating...
 

 
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.

 
High
CVE-2020-0650

Vendor: Microsoft
Software: Excel
 

 
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0651, CVE-2020-0653.

 
High
CVE-2020-0651

Vendor: Microsoft
Software: Excel
 

 
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0650, CVE-2020-0653.

 
Medium
CVE-2020-0652

Vendor: Microsoft
Software: Excel
 

 
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Memory Corruption Vulnerability'.

 
High
CVE-2020-0653

Vendor: Microsoft
Software: Office 365 p...
 

 
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0650, CVE-2020-0651.

 

 


Copyright 2020, cxsecurity.com

 

Back to Top