• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-787

CVE-2020-14511

February 26, 2023 by

Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the system web server on the EDR-G902 and EDR-G903 Series Routers (versions prior to 5.4).

CVE-2020-14524

February 26, 2023 by

Softing Industrial Automation all versions prior to the latest build of version 4.47.0, The affected product is vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.

CVE-2020-14473

February 26, 2023 by

Stack-based buffer overflow vulnerability in Vigor3900, Vigor2960, and Vigor300B with firmware before 1.5.1.1.

CVE-2020-14482

February 26, 2023 by

Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Opening a specially crafted project file may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.

CVE-2020-14382

February 26, 2023 by

A vulnerability was found in upstream release cryptsetup-2.2.0 where, there’s a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file ‘lib/luks2/luks2_json_metadata.c’ in function hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) where the code does not check for possible overflow on memory allocation used for intervals array (see statement “intervals = malloc(first_backup * sizeof(*intervals));”). Due to the bug, library can be *tricked* to expect such allocation was successful but for far less memory then originally expected. Later it may read data FROM image crafted by an attacker and actually write such data BEYOND allocated memory.

CVE-2020-14386

February 26, 2023 by

A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 328
  • Go to page 329
  • Go to page 330
  • Go to page 331
  • Go to page 332
  • Interim pages omitted …
  • Go to page 1186
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE