Total
7966 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-16038 | 1 Google | 2 Chrome, Chrome Os | 2021-07-21 | 9.3 HIGH | 8.8 HIGH |
| Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2020-16039 | 1 Google | 1 Chrome | 2021-07-21 | 9.3 HIGH | 8.8 HIGH |
| Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2020-16023 | 1 Google | 1 Chrome | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2020-16040 | 1 Google | 1 Chrome | 2021-07-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2020-16037 | 1 Google | 1 Chrome | 2021-07-21 | 9.3 HIGH | 8.8 HIGH |
| Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2020-16044 | 1 Google | 1 Chrome | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet. | |||||
| CVE-2020-9928 | 1 Apple | 1 Mac Os X | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2019-1000006 | 1 Riot-os | 1 Riot | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| RIOT RIOT-OS version after commit 7af03ab624db0412c727eed9ab7630a5282e2fd3 contains a Buffer Overflow vulnerability in sock_dns, an implementation of the DNS protocol utilizing the RIOT sock API that can result in Remote code executing. This attack appears to be exploitable via network connectivity. | |||||
| CVE-2020-16884 | 1 Microsoft | 1 Edge | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in the way that the IEToEdge Browser Helper Object (BHO) plugin on Internet Explorer handles objects in memory, aka 'Internet Explorer Browser Helper Object (BHO) Memory Corruption Vulnerability'. | |||||
| CVE-2020-16968 | 1 Microsoft | 1 Windows 10 | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory, aka 'Windows Camera Codec Pack Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16967. | |||||
| CVE-2020-17048 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2021-07-21 | 6.8 MEDIUM | 8.1 HIGH |
| Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17054. | |||||
| CVE-2020-17052 | 1 Microsoft | 10 Edge, Internet Explorer, Windows 10 and 7 more | 2021-07-21 | 6.8 MEDIUM | 8.1 HIGH |
| Scripting Engine Memory Corruption Vulnerability | |||||
| CVE-2020-17053 | 1 Microsoft | 3 Internet Explorer, Windows 10, Windows Server 2019 | 2021-07-21 | 7.6 HIGH | 7.5 HIGH |
| Internet Explorer Memory Corruption Vulnerability | |||||
| CVE-2020-17054 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2021-07-21 | 7.6 HIGH | 7.5 HIGH |
| Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17048. | |||||
| CVE-2020-17058 | 1 Microsoft | 5 Edge, Internet Explorer, Windows 10 and 2 more | 2021-07-21 | 7.6 HIGH | 7.5 HIGH |
| Microsoft Browser Memory Corruption Vulnerability | |||||
| CVE-2019-10056 | 1 Suricata-ids | 1 Suricata | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Suricata 4.1.3. The code mishandles the case of sending a network packet with the right type, such that the function DecodeEthernet in decode-ethernet.c is executed a second time. At this point, the algorithm cuts the first part of the packet and doesn't determine the current length. Specifically, if the packet is exactly 28 long, in the first iteration it subtracts 14 bytes. Then, it is working with a packet length of 14. At this point, the case distinction says it is a valid packet. After that it casts the packet, but this packet has no type, and the program crashes at the type case distinction. | |||||
| CVE-2020-17443 | 1 Altran | 1 Picotcp | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo request packet's size is shorter than 8 bytes. If the size of the incoming ICMPv6 request packet is shorter than this, the operation that calculates the size of the ICMPv6 echo replies has an integer wrap around, leading to memory corruption and, eventually, Denial-of-Service in pico_icmp6_send_echoreply_not_frag in pico_icmp6.c. | |||||
| CVE-2019-1010039 | 1 Ulaunchelf Project | 1 Ulaunchelf | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| uLaunchELF < commit 170827a is affected by: Buffer Overflow. The impact is: Possible code execution and denial of service. The component is: Loader program (loader.c) overly trusts the arguments provided via command line. | |||||
| CVE-2019-1010038 | 1 Openmodelica | 1 Omcompiler | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| OpenModelica OMCompiler is affected by: Buffer Overflow. The impact is: Possible code execution and denial of service. The component is: OPENMODELICAHOME parameter changeable via environment variable. The attack vector is: Changing an environment variable. | |||||
| CVE-2019-1010043 | 1 Quake3e Project | 1 Quake3e | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Quake3e < 5ed740d is affected by: Buffer Overflow. The impact is: Possible code execution and denial of service. The component is: Argument string creation. | |||||