Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-120
Total 1596 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-9067 1 Huawei 6 Smartax Ea5800, Smartax Ea5800 Firmware, Smartax Ma5600t and 3 more 2020-04-03 5.2 MEDIUM 8.0 HIGH
There is a buffer overflow vulnerability in some Huawei products. The vulnerability can be exploited by an attacker to perform remote code execution on the affected products when the affected product functions as an optical line terminal (OLT). Affected product versions include:SmartAX MA5600T versions V800R013C10, V800R015C00, V800R015C10, V800R017C00, V800R017C10, V800R018C00, V800R018C10; SmartAX MA5800 versions V100R017C00, V100R017C10, V100R018C00, V100R018C10, V100R019C10; SmartAX EA5800 versions V100R018C00, V100R018C10, V100R019C10.
CVE-2020-3911 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2020-04-02 7.5 HIGH 9.8 CRITICAL
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
CVE-2020-3910 1 Apple 7 Icloud, Ipados, Iphone Os and 4 more 2020-04-02 7.5 HIGH 9.8 CRITICAL
A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Multiple issues in libxml2.
CVE-2002-0698 1 Microsoft 1 Exchange Server 2020-04-02 7.5 HIGH N/A
Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response.
CVE-1999-0385 1 Microsoft 1 Exchange Server 2020-04-02 10.0 HIGH N/A
The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands.
CVE-1999-0945 1 Microsoft 1 Exchange Server 2020-04-02 5.0 MEDIUM N/A
Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands.
CVE-2015-5684 1 Lenovo 54 B50-10, B50-10 Firmware, Edge 15 and 51 more 2020-04-01 10.0 HIGH 9.8 CRITICAL
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A buffer overflow vulnerability was reported, (fixed and publicly disclosed in 2015) in the Lenovo Service Engine (LSE), affecting various versions of BIOS for Lenovo Notebooks, that could allow a remote user to execute arbitrary code on the system.
CVE-2020-6999 1 Moxa 2 Mds-g516e, Mds-g516e Firmware 2020-03-30 4.0 MEDIUM 6.5 MEDIUM
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer.
CVE-2019-20578 2 Google, Samsung 2 Android, Exynos 9820 2020-03-27 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with P(9.0) (Exynos 9820 chipsets) software. A Buffer overflow occurs when loading the UH Partition during Secure Boot. The Samsung ID is SVE-2019-14412 (August 2019).
CVE-2020-10931 1 Memcached 1 Memcached 2020-03-27 5.0 MEDIUM 7.5 HIGH
Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c.
CVE-2019-20572 2 Google, Samsung 2 Android, Exynos 2020-03-27 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (Exynos chipsets) software. load_kernel has a buffer overflow via untrusted data. The Samsung ID is SVE-2019-14939 (September 2019).
CVE-2019-20562 1 Google 1 Android 2020-03-27 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with P(9.0) (with TEEGRIS) software. There is a buffer overflow in the BIOSUB Trustlet. The Samsung ID is SVE-2019-15264 (October 2019).
CVE-2019-20558 2 Google, Samsung 2 Android, Exynos 2020-03-27 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a Buffer Overflow in the Touch Screen Driver. The Samsung ID is SVE-2019-14990 (October 2019).
CVE-2020-10835 1 Samsung 1 Exynos 2020-03-26 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020).
CVE-2020-10850 1 Google 1 Android 2020-03-26 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 (January 2020).
CVE-2019-20545 1 Google 1 Android 2020-03-26 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos chipsets) software. A buffer overflow in the HDCP Trustlet affects secure TEEGRIS memory. The Samsung ID is SVE-2019-15283 (November 2019).
CVE-2019-20548 1 Google 1 Android 2020-03-26 7.5 HIGH 9.8 CRITICAL
An issue was discovered on Samsung mobile devices with P(9.0) devices (Qualcomm chipsets) software. There is a buffer overflow in the bootloader. The Samsung ID is SVE-2019-15399 (November 2019).
CVE-2020-0501 1 Intel 1 Graphics Driver 2020-03-20 2.1 LOW 5.5 MEDIUM
Buffer overflow in Intel(R) Graphics Drivers before version 26.20.100.6912 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2020-10566 1 Freebsd 1 Freebsd 2020-03-19 4.6 MEDIUM 7.8 HIGH
grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, mishandles font loading by a guest through a grub2.cfg file, leading to a buffer overflow.
CVE-2019-13201 1 Kyocera 2 Ecosys M5526cdw, Ecosys M5526cdw Firmware 2020-03-18 10.0 HIGH 9.8 CRITICAL
Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the LPD service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) in the LPD service and potentially execute arbitrary code on the device.