CWE:
 

Tytuł
Data
Autor
Med.
MiniUPnP MiniUPnPc < 2.0 Remote Denial of Service
12.01.2018
tintinweb
Med.
Windows Kernel win32k.sys Integer Overflow (MS13-101)
12.12.2013
CORE
High
Apache 1.3.41 mod_proxy Integer overflow (code execution)
29.01.2010
Adam Zabrocki
Med.
Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability
11.12.2009
ZDI


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2020-10-22
Medium
CVE-2020-9875

Vendor: Apple
Software: Icloud
 

 
An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. Processing a maliciously crafted image may lead to arbitrary code execution.

 
2020-10-16
Medium
CVE-2020-26682

Vendor: Libass project
Software: Libass
 

 
In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.

 
2020-10-14
Medium
CVE-2020-0408

Vendor: Google
Software: Android
 

 
In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-156999009

 
2020-10-07
Medium
CVE-2019-16160

Vendor: Mikrotik
Software: Routeros
 

 
An integer underflow in the SMB server of MikroTik RouterOS before 6.45.5 allows remote unauthenticated attackers to crash the service.

 
2020-10-02
High
CVE-2020-24397

Vendor: Zohocorp
Software: Manageengine...
 

 
An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.0.SP-534. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequestByBitrate that leads to a heap-based buffer overflow and Remote Code Execution with SYSTEM privileges.

 
2020-09-30
Low
CVE-2020-14378

Vendor: DPDK
Software: Data plane d...
 

 
An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause `move_desc` to get stuck in a 4,294,967,295-count iteration loop. Depending on how `vhost_crypto` is being used this could prevent other VMs or network tasks from being serviced by the busy DPDK lcore for an extended period.

 
2020-09-21
Medium
CVE-2020-6569

Vendor: Google
Software: Chrome
 

 
Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

 
2020-09-18
Medium
CVE-2020-0309

Vendor: Google
Software: Android
 

 
In the Bluetooth server, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System privileges and a Firmware compromise needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-147227320

 
2020-09-17
Medium
CVE-2020-6113

Vendor: Gonitro
Software: Nitro pro
 

 

 
Medium
CVE-2020-6116

Vendor: Gonitro
Software: Nitro pro
 

 

 

 


Copyright 2020, cxsecurity.com

 

Back to Top