
905 matches found

BDU FSTEC
added 2021/04/14 12:0 a.m., 5 views

A vulnerability in the Internet Content Adaptation Protocol (ICAP) implementation of the JunOS operating system on SRX series routers allows attackers to escalate their privileges, execute arbitrary code, or cause service failures.

The vulnerability in the Internet Content Adaptation Protocol (ICAP) implementation of the JunOS operating system on SRX series routers stems from copying buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to escalate their privileges,...

CVSS 9.8 | AI score 8 | EPSS 0.02232
Exploits 0 | References 3 | Affected Software 1
OSV
added 2021/02/23 7:15 p.m., 4 views

CVE-2020-28587

A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to...

CVSS 7.8 | AI score 7.5 | EPSS 0.00949
Exploits 1 | References 1
Microsoft CVE
added 2021/01/28 8:0 a.m., 4 views

The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file.

...

CVSS 6.5 | AI score 7 | EPSS 0.03347
Exploits 0
Microsoft CVE
added 2021/01/28 8:0 a.m., 4 views

The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file.

...

CVSS 6.5 | AI score 7 | EPSS 0.03423
Exploits 0
Cvelist
added 2020/11/19 9:4 p.m., 38 views

CVE-2020-7559

A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in PLC Simulator on EcoStruxure™ Control Expert (now Unity Pro) (all versions) that could cause a crash of the PLC simulator present in EcoStruxure™ Control Expert software when receiving a specially...

AI score 7.5 | EPSS 0.01882
Exploits 1 | References 2
Cvelist
added 2020/11/18 1:51 p.m., 20 views

CVE-2020-7564

A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write access and the execution o...

AI score 8.9 | EPSS 0.01087
Exploits 0 | References 1
BDU FSTEC
added 2020/11/17 12:0 a.m., 4 views

A vulnerability in Intel firmware arises from copying buffers without checking the size of the input data, allowing attackers to escalate their privileges.

The vulnerability in Intel firmware relates to copying buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to escalate their privileges...

CVSS 4.7 | AI score 6.8 | EPSS 0.00347
Exploits 0 | References 3
RedHat Linux
added 2020/11/10 10:29 a.m., 7 views

unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c

An argument order confusion flaw was found in the SQLWriteFileDSN API of unixODBC. This could only be exploited via a malicious ODBC database connector package with the maximum impact being a denial of service...

CVSS 9.8 | AI score 7.2 | EPSS 0.03196
Exploits 0 | References 4
Tenable Nessus
added 2020/11/10 12:0 a.m., 81 views

RHEL 7 : unixODBC (RHSA-2020:4999)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4999 advisory. The unixODBC packages contain a framework that supports accessing databases through the ODBC protocol. Security Fixes: unixODBC: Buffer...

CVSS 9.8 | AI score 8 | EPSS 0.03196
Exploits 0 | References 7
BDU FSTEC
added 2020/10/27 12:0 a.m., 8 views

A vulnerability in the firmware of Intel server boards, server systems, and compute modules arises from copying buffers without checking the size of the input data. It allows attackers to escalate their privileges.

The vulnerability in the firmware of Intel server boards, server systems, and compute modules relates to copying buffers without checking the size of the input data. Exploiting this vulnerability can allow attackers to escalate their privileges...

CVSS 7.8 | AI score 7.2 | EPSS 0.00365
Exploits 0 | References 3 | Affected Software 18
BDU FSTEC
added 2020/10/22 12:0 a.m., 4 views

A vulnerability in the WebGL component of the Firefox browser allows an attacker to execute arbitrary code.

The vulnerability in the WebGL component of the Firefox browser relates to copying buffers without checking the size of the input data. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

CVSS 6.8 | AI score 8.1 | EPSS 0.01017
Exploits 0 | References 13 | Affected Software 7
Talos
added 2020/10/13 12:0 a.m., 99 views

Allen-Bradley Flex IO 1794-AENT/B ENIP Request Path Port Segment Denial of Service Vulnerability

Summary: An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a...

CVSS 7.5 | AI score 7.4 | EPSS 0.03454
Exploits 1
BDU FSTEC
added 2020/10/07 12:0 a.m., 4 views

A vulnerability in the firmware of Intel server boards, server systems, and compute modules arises from copying buffers without checking the size of the input data. It allows attackers to escalate their privileges.

The vulnerability in the firmware of Intel server boards, server systems, and compute modules relates to copying buffers without checking the size of the input data. Exploiting this vulnerability can allow attackers to escalate their privileges...

CVSS 8.2 | AI score 7.5 | EPSS 0.00375
Exploits 0 | References 3 | Affected Software 18
BDU FSTEC
added 2020/09/02 12:0 a.m., 4 views

A vulnerability in PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, arises from copying buffers without checking the size of the input data. It allows attackers to execute arbitrary code.

The vulnerabilities in PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat and Document Cloud, relate to copying buffers without checking the size of the input data. Exploiting these vulnerabilities can allow a malicious acto...

CVSS 10 | AI score 7.7 | EPSS 0.04331
Exploits 0 | References 2
NVD
added 2020/08/13 3:15 a.m., 19 views

CVE-2020-8729

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVSS 7.8 | AI score 7.9 | EPSS 0.00348
Exploits 0 | References 2
Cvelist
added 2020/08/13 2:56 a.m., 29 views

CVE-2020-8729

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access...

AI score 7.9 | EPSS 0.00348
Exploits 0 | References 2
CVE
added 2020/08/13 2:56 a.m., 53 views

CVE-2020-8729

CVE-2020-8729 corresponds to a buffer copy issue in Intel® Server Boards, Server Systems and Compute Modules prior to firmware version 1.59 that may allow an authenticated local user to escalate privileges. The Intel advisory INTEL-SA-00384 documents this family of vulnerabilities and lists CVE-2...

CVSS 7.8 | AI score 7.8 | EPSS 0.00348
Exploits 0 | References 2 | Affected Software 1
Talos
added 2020/07/15 12:0 a.m., 42 views

Siemens LOGO! Web Server Code Execution Vulnerability

Summary: An exploitable code execution vulnerability exists in the Web Server functionality of Siemens LOGO! 1.82.02, 12/24RCE Version 0BA and 230RCE Version 0BA. A specially crafted HTTP request can cause memory corruption resulting in a code execution. An attacker can send an unauthenticated...

CVSS 9.8 | AI score 10 | EPSS 0.09071
Exploits 1
BDU FSTEC
added 2020/04/10 12:0 a.m., 2 views

A vulnerability in Firefox, Firefox ESR, and Thunderbird arises from copying buffers without checking the size of the input data. It allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability in Firefox, Firefox ESR, and Thunderbird arises from copying buffers without checking the size of the input data. Exploiting this vulnerability allows a remote attacker to access confidential data, compromise its integrity, and cause service...

CVSS 9.3 | AI score 7.7 | EPSS 0.01976
Exploits 0 | References 13 | Affected Software 7
BDU FSTEC
added 2020/04/10 12:0 a.m., 4 views

A vulnerability in the Firefox and Firefox ESR web browsers and the Thunderbird email client, related to copying buffers without checking the size of the input data, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability in the Firefox and Firefox ESR web browsers and the Thunderbird email client relates to copying buffers without checking the size of the input data. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause...

CVSS 9.3 | AI score 7.7 | EPSS 0.01799
Exploits 0 | References 10 | Affected Software 7