CWE:
 

Tytuł
Data
Autor
High
Google SketchUp lib3ds 3DS Importer Memory Corruption
18.01.2010
CORE


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2020-05-28
Low
CVE-2020-13361

Vendor: QEMU
Software: QEMU
 

 
In QEMU 4.2.0, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation.

 
2020-05-24
Low
CVE-2020-13440

Vendor: Ffjpeg project
Software: Ffjpeg
 

 
ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.

 
2020-05-22
Low
CVE-2020-13398

Vendor: Freerdp
Software: Freerdp
 

 
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.

 
2020-05-21
Medium
CVE-2020-6458

Vendor: Google
Software: Chrome
 

 
Out of bounds read and write in PDFium in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

 
2020-05-18
Medium
CVE-2019-20797

Vendor: Prboom-plus project
Software: Prboom-plus
 

 
An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c.

 
Medium
CVE-2019-20800

Vendor: Cherokee-project
Software: Cherokee
 

 
In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many request headers, as demonstrated by a GET request with many "Host: 127.0.0.1" headers.

 
2020-05-16
Medium
CVE-2020-13109

Updating...
 

 
Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remote attackers to execute arbitrary code via crafted packet data to the built-in modem because 0x800b3e94 (aka the IF subcommand to top-level command 7) has a stack-based buffer overflow.

 
2020-05-15
Medium
CVE-2020-11524

Vendor: Freerdp
Software: Freerdp
 

 
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.

 
2020-05-14
Medium
CVE-2020-0094

Vendor: Google
Software: Android
 

 
In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-148223871

 
Medium
CVE-2020-0102

Vendor: Google
Software: Android
 

 
In GattServer::SendResponse of gatt_server.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143231677

 

 


Copyright 2020, cxsecurity.com

 

Back to Top