Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3096 matches found

Cvelist
Cvelistadded 2020/12/11 10:25 p.m.16 views

CVE-2020-17438

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP header. By crafti...

9.8AI score0.1854EPSS
Exploits0References2
CVE
CVEadded 2020/12/11 10:25 p.m.89 views

CVE-2020-17438

CVE-2020-17438 affects uIP 1.0 (used in Contiki 3.0 and other products). The IP reassembly code fails to validate the total packet length and fragmentation offset, enabling crafted IP headers to write past the static buffer into the .bss area, causing a denial of service in uip_reass() and potent...

9.8CVSS9.8AI score0.1854EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2020/12/09 9:15 p.m.2 views

AZL-45318 CVE-2020-16587 affecting package OpenEXR 2.3.0-6

A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file...

5.5CVSS7AI score0.01239EPSS
Exploits1References1
NVD
NVDadded 2020/12/09 5:15 p.m.11 views

CVE-2020-17529

Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX incubating versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying and invalid fragmentation offset value specified in the IP header. This is only impacts builds with both CONFIGEXPERIMENTAL and...

9.8CVSS9.4AI score0.02855EPSS
Exploits0References2
Cvelist
Cvelistadded 2020/12/09 4:35 p.m.15 views

CVE-2020-17529 Apache NuttX (incubating) Out of Bound Write from invalid fragmentation offset value specified in the IP header

Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX incubating versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying and invalid fragmentation offset value specified in the IP header. This is only impacts builds with both CONFIGEXPERIMENTAL and...

9.4AI score0.02855EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2020/12/09 2:34 a.m.35 views

CVE-2020-27823

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Mitigation This flaw can be mitigated by...

7.8CVSS3.4AI score0.01111EPSS
Exploits0References3
CNNVD
CNNVDadded 2020/12/09 12:0 a.m.7 views

Apache NuttX 缓冲区错误漏洞

Apache NuttX is a real-time embedded operating system from the Apache Software Foundation.TCP Transmission Control Protocol is a connection-oriented, reliable, byte-stream-based transport layer communication protocol defined by IETF RFC 793. TCP Transmission Control Protocol is a...

9.1CVSS7.6AI score0.03134EPSS
Exploits0References4
CNNVD
CNNVDadded 2020/12/09 12:0 a.m.3 views

Apache NuttX 缓冲区错误漏洞

Apache NuttX is a real-time embedded operating system from the Apache Software Foundation.TCP Transmission Control Protocol is a connection-oriented, reliable, byte-stream-based transport layer communication protocol defined by IETF RFC 793. TCP Transmission Control Protocol is a...

9.8CVSS7.3AI score0.02855EPSS
Exploits0References4
OSV
OSVadded 2020/12/09 12:0 a.m.0 views

UBUNTU-CVE-2020-27823

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

7.8CVSS6.9AI score0.01111EPSS
Exploits0References5
NVD
NVDadded 2020/12/08 10:15 p.m.16 views

CVE-2020-25676

In CatromWeights, MeshInterpolate, InterpolatePixelChannel, InterpolatePixelChannels, and InterpolatePixelInfo, which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor function. These calculations produced...

5.5CVSS5.8AI score0.01172EPSS
Exploits1References3
OSV
OSVadded 2020/12/08 10:15 p.m.18 views

CVE-2020-25676

In CatromWeights, MeshInterpolate, InterpolatePixelChannel, InterpolatePixelChannels, and InterpolatePixelInfo, which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor function. These calculations produced...

5.5CVSS6.3AI score
Exploits0References3
OSV
OSVadded 2020/12/08 10:15 p.m.2 views

DEBIAN-CVE-2020-25675

In the CropImage and CropImageToTiles routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issues could cause a...

3.3CVSS6.5AI score0.01072EPSS
Exploits1References1
Prion
Prionadded 2020/12/08 10:15 p.m.12 views

Integer overflow

In CatromWeights, MeshInterpolate, InterpolatePixelChannel, InterpolatePixelChannels, and InterpolatePixelInfo, which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor function. These calculations produced...

4.3CVSS5.6AI score0.01172EPSS
Exploits1References3Affected Software2
UbuntuCve
UbuntuCveadded 2020/12/08 10:15 p.m.21 views

CVE-2020-25676

In CatromWeights, MeshInterpolate, InterpolatePixelChannel, InterpolatePixelChannels, and InterpolatePixelInfo, which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor function. These calculations produced...

5.5CVSS6.8AI score0.01172EPSS
Exploits1References4
OSV
OSVadded 2020/12/08 9:15 p.m.1 views

DEBIAN-CVE-2020-25665

The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory in routine WritePALMImage because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytesperrow in the call to AcquireQuantumMemory. This could cause...

5.5CVSS6.7AI score0.01016EPSS
Exploits1References1
Cvelist
Cvelistadded 2020/12/08 12:0 a.m.17 views

CVE-2020-25676

In CatromWeights, MeshInterpolate, InterpolatePixelChannel, InterpolatePixelChannels, and InterpolatePixelInfo, which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor function. These calculations produced...

6AI score0.01172EPSS
Exploits1References3
Cvelist
Cvelistadded 2020/12/08 12:0 a.m.27 views

CVE-2020-25675

In the CropImage and CropImageToTiles routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issues could cause a...

5.4AI score0.01072EPSS
Exploits1References3
CNNVD
CNNVDadded 2020/12/08 12:0 a.m.5 views

Contiki Buffer Error Vulnerability

Contiki is an open source cross-platform operating system for IoT Internet of Things devices. Contiki 3.0 suffers from a buffer error vulnerability that stems from an inability to validate the total length of incoming packets specified in its IP header as well as the segmentation offset value...

9.8CVSS7.5AI score0.1854EPSS
Exploits0References8
CVE
CVEadded 2020/12/08 12:0 a.m.173 views

CVE-2020-25676

CVE-2020-25676 concerns ImageMagick. Multiple unconstrained pixel offset calculations in CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo() (in MagickCore/pixel.c) were evaluated with floor(), producing undefined behavior via out-...

5.5CVSS5.8AI score0.01172EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVEadded 2020/12/08 12:0 a.m.36 views

CVE-2020-25676

In CatromWeights, MeshInterpolate, InterpolatePixelChannel, InterpolatePixelChannels, and InterpolatePixelInfo, which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor function. These calculations produced...

5.5CVSS6.1AI score0.01172EPSS
Exploits1
Rows per page
Query Builder