• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-190

CVE-2020-17396

February 26, 2023 by

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor module. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-11217.

CVE-2020-17360

February 26, 2023 by

** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of these checks, and out-of-bounds read/write. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2020-16124

February 26, 2023 by

Integer Overflow or Wraparound vulnerability in the XML RPC library of OpenRobotics ros_comm communications packages allows unauthenticated network traffic to cause unexpected behavior. This issue affects: OpenRobotics ros_comm communications packages Noetic and prior versions. Fixed in https://github.com/ros/ros_comm/pull/2065.

CVE-2020-16040

February 26, 2023 by

Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2020-15974

February 26, 2023 by

Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page.

CVE-2020-15975

February 26, 2023 by

Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 125
  • Go to page 126
  • Go to page 127
  • Go to page 128
  • Go to page 129
  • Interim pages omitted …
  • Go to page 250
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE