Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-120
Total 1596 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-27690 1 Imomobile 2 Verve Connect Vh510, Verve Connect Vh510 Firmware 2020-11-10 4.9 MEDIUM 5.5 MEDIUM
The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains a buffer overflow within its web management portal. When a POST request is sent to /boaform/admin/formDOMAINBLK with a large blkDomain value, the Boa server crashes.
CVE-2020-5653 1 Mitsubishielectric 10 Melsec Iq-rd81dl96, Melsec Iq-rd81dl96 Firmware, Melsec Iq-rd81mes96n and 7 more 2020-11-10 7.5 HIGH 9.8 CRITICAL
Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet.
CVE-2020-11162 1 Qualcomm 80 Agatti, Agatti Firmware, Apq8009 and 77 more 2020-11-09 4.6 MEDIUM 7.8 HIGH
u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MSM8917, MSM8953, Nicobar, QCA6390, QCM2150, QCS404, QCS405, QCS605, QM215, QRB5165, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
CVE-2020-11155 1 Qualcomm 22 Apq8009, Apq8009 Firmware, Apq8053 and 19 more 2020-11-08 8.3 HIGH 8.8 HIGH
u'Buffer overflow while processing PDU packet in bluetooth due to lack of check of buffer length before copying into it.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55
CVE-2020-3657 1 Qualcomm 74 Apq8009, Apq8009 Firmware, Apq8017 and 71 more 2020-11-06 10.0 HIGH 9.8 CRITICAL
u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6574AU, QCS405, QCS610, QRB5165, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8250
CVE-2020-3678 1 Qualcomm 18 Agatti, Agatti Firmware, Kamorta and 15 more 2020-11-06 4.6 MEDIUM 7.8 HIGH
u'A buffer overflow could occur if the API is improperly used due to UIE init does not contain a buffer size a param' in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Agatti, Kamorta, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SXR1130
CVE-2020-3692 1 Qualcomm 34 Agatti, Agatti Firmware, Kamorta and 31 more 2020-11-06 10.0 HIGH 9.8 CRITICAL
u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for parameters received from server' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Agatti, Kamorta, Nicobar, QCM6125, QCS610, Rennell, SA415M, Saipan, SC7180, SC8180X, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
CVE-2019-19917 3 Fedoraproject, Lout Project, Opensuse 4 Fedora, Lout, Backports Sle and 1 more 2020-11-05 6.8 MEDIUM 7.8 HIGH
Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c.
CVE-2020-11154 1 Qualcomm 22 Apq8009, Apq8009 Firmware, Apq8053 and 19 more 2020-11-03 8.3 HIGH 8.8 HIGH
u'Buffer overflow while processing a crafted PDU data packet in bluetooth due to lack of check of buffer size before copying' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55
CVE-2020-8261 1 Pulsesecure 2 Pulse Connect Secure, Pulse Policy Secure 2020-11-03 4.3 MEDIUM 4.3 MEDIUM
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection.
CVE-2019-8839 1 Apple 1 Mac Os X 2020-10-30 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An attacker in a privileged position may be able to perform a denial of service attack.
CVE-2019-16129 1 Microchip 1 Cryptoauthlib 2020-10-30 4.6 MEDIUM 6.8 MEDIUM
Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 2 of 2).
CVE-2019-16128 1 Microchip 1 Cryptoauthlib 2020-10-30 4.6 MEDIUM 6.8 MEDIUM
Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 1 of 2).
CVE-2019-14717 1 Verifone 2 Verix Os, Vx520 2020-10-30 4.6 MEDIUM 7.8 HIGH
Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call.
CVE-2019-8696 1 Apple 1 Mac Os X 2020-10-29 6.5 MEDIUM 8.8 HIGH
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.
CVE-2020-9866 1 Apple 1 Mac Os X 2020-10-29 7.5 HIGH 9.8 CRITICAL
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. A buffer overflow may result in arbitrary code execution.
CVE-2019-8675 1 Apple 1 Mac Os X 2020-10-29 6.5 MEDIUM 8.8 HIGH
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.
CVE-2020-9985 1 Apple 4 Ipados, Iphone Os, Mac Os X and 1 more 2020-10-27 6.8 MEDIUM 7.8 HIGH
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, watchOS 6.2.8. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.
CVE-2020-27678 3 Illumos, Joyent, Omniosce 3 Illumos, Smartos, Omnios 2020-10-27 7.5 HIGH 9.8 CRITICAL
An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.
CVE-2020-5133 1 Sonicwall 2 Sonicos, Sonicosv 2020-10-22 5.0 MEDIUM 7.5 HIGH
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.