Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3096 matches found

OSV
OSVadded 2020/12/04 3:15 p.m.15 views

CVE-2020-27770

Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...

5.5CVSS6.5AI score
Exploits0References3
OSV
OSVadded 2020/12/04 3:15 p.m.1 views

DEBIAN-CVE-2020-27770

Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...

5.5CVSS6.8AI score0.01133EPSS
Exploits1References1
Prion
Prionadded 2020/12/04 3:15 p.m.22 views

Design/Logic Flaw

Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...

4.3CVSS5.6AI score0.01133EPSS
Exploits1References3Affected Software2
OSV
OSVadded 2020/12/04 3:15 p.m.2 views

UBUNTU-CVE-2020-27770

Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...

5.5CVSS6.8AI score0.01133EPSS
Exploits1References5
CVE
CVEadded 2020/12/04 12:0 a.m.184 views

CVE-2020-27770

CVE-2020-27770 is an ImageMagick flaw caused by a missing check for a 0 value in replace_extent, which can let an offset p overflow in SubstituteString(), potentially impacting availability. Affected software: ImageMagick versions prior to 7.0.8-68. The connected security notes confirm the root c...

5.5CVSS5.9AI score0.01133EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVEadded 2020/12/04 12:0 a.m.59 views

CVE-2020-27770

Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to...

5.5CVSS6.2AI score0.01133EPSS
Exploits1
Kitploit
Kitploitadded 2020/11/30 8:30 p.m.47 views

GG-AESY - Hide Cool Stuff In Images

Blogpost: https://redteamer.tips/introducing-gg-aesy-a-stegocryptor/ WARNING: you might need to restore NuGet packages and restart visual studio before compiling. If anyone knows how I can get rid of this problem, DM me. Manual To start off, I highly recommend to always use GG-AESY using verbose...

7.1AI score
Exploits0References1
Packet Storm
Packet Stormadded 2020/11/25 12:0 a.m.713 views

SyncBreeze 10.0.28 Remote Buffer Overflow

Exploit Title: SyncBreeze 10.0.28 - 'password' Remote Buffer Overflow Date: 18-Sep-2020 Exploit Author: Abdessalam kingA.salam Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.0.28.exe Version: 10.0.28 Tested on: Windows 7,windows...

0.7AI score
Exploits0
OSV
OSVadded 2020/11/24 10:15 p.m.2 views

UBUNTU-CVE-2020-26235

In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to set any environment variable in a different thread than the affected functions. The affected...

5.3CVSS5.8AI score0.01881EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2020/11/24 7:54 p.m.25 views

CVE-2020-27770

Due to a missing check for 0 value of replaceextent, it is possible for offset p to overflow in SubstituteString, causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick...

5.5CVSS3.6AI score0.01133EPSS
Exploits1References3
RedhatCVE
RedhatCVEadded 2020/11/24 7:23 p.m.26 views

CVE-2020-25676

A flaw was found ImageMagick. Multiple unconstrained pixel offset calculations produce undefined behavior in the form of out-of-range and integer overflows. These instances of undefined behavior could be triggered by an attacker who is able to supply a crafted input file. The highest threat from...

5.5CVSS3AI score0.01172EPSS
Exploits1References3
OSV
OSVadded 2020/11/16 9:15 p.m.3 views

CVE-2020-27483

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the offset provided...

9.9CVSS7.5AI score
Exploits0References1
NVD
NVDadded 2020/11/02 9:15 p.m.18 views

CVE-2020-28030

In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement...

7.5CVSS7.3AI score0.02041EPSS
Exploits1References6
OSV
OSVadded 2020/11/02 9:15 p.m.2 views

DEBIAN-CVE-2020-28030

In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement...

7.5CVSS7.3AI score0.02041EPSS
Exploits1References1
OSV
OSVadded 2020/11/02 9:15 p.m.2 views

UBUNTU-CVE-2020-28030

In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement...

7.5CVSS7.1AI score0.02041EPSS
Exploits1References5
Debian CVE
Debian CVEadded 2020/10/30 8:2 p.m.29 views

CVE-2020-28030

In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation of offset advancement...

7.5CVSS7.2AI score0.02041EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2020/10/30 12:0 a.m.20 views

EulerOS 2.0 SP5 : libplist (EulerOS-SA-2020-2288)

According to the versions of the libplist package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The parsedictnode function in bplist.c in libplist allows attackers to cause a denial of service out-of-bounds heap read and crash via a crafte...

7.5CVSS6.6AI score0.02926EPSS
Exploits0References4
OSV
OSVadded 2020/10/06 3:15 p.m.1 views

DEBIAN-CVE-2020-26575

In Wireshark through 3.2.7, the Facebook Zero Protocol aka FBZERO dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement...

7.5CVSS7.5AI score0.03078EPSS
Exploits0References1
OSV
OSVadded 2020/10/06 3:15 p.m.1 views

UBUNTU-CVE-2020-26575

In Wireshark through 3.2.7, the Facebook Zero Protocol aka FBZERO dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement...

7.5CVSS7.1AI score0.03078EPSS
Exploits0References8
Oracle linux
Oracle linuxadded 2020/10/06 12:0 a.m.31 views

exiv2 security update

0.27.0-3 - Validate relationship of the total size to the offset to avoid crash Resolves: bz1775695...

6.5CVSS1.5AI score0.01851EPSS
Exploits0
Rows per page
Query Builder