Export limit exceeded: 351444 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8387 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-3179 | 1 Cisco | 25 Asa 5505, Asa 5505 Firmware, Asa 5510 and 22 more | 2024-11-21 | 7.5 High |
| A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition. | ||||
| CVE-2020-36557 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 5.1 Medium |
| A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. | ||||
| CVE-2020-36464 | 1 Heapless Project | 1 Heapless | 2024-11-21 | 7.5 High |
| An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed. | ||||
| CVE-2020-36434 | 1 Sys-info Project | 1 Sys-info | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the sys-info crate before 0.8.0 for Rust. sys_info::disk_info calls can trigger a double free. | ||||
| CVE-2020-36405 | 2 Keystone-engine, Linux | 2 Keystone Engine, Linux Kernel | 2024-11-21 | 7.8 High |
| Keystone Engine 0.9.2 has a use-after-free in llvm_ks::X86Operand::getToken. | ||||
| CVE-2020-36401 | 2 Linux, Mruby | 2 Linux Kernel, Mruby | 2024-11-21 | 7.8 High |
| mruby 2.1.2 has a double free in mrb_default_allocf (called from mrb_free and obj_free). | ||||
| CVE-2020-36387 | 2 Linux, Netapp | 17 Linux Kernel, H300e, H300e Firmware and 14 more | 2024-11-21 | 7.8 High |
| An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35. | ||||
| CVE-2020-36385 | 4 Linux, Netapp, Redhat and 1 more | 26 Linux Kernel, H300e, H300e Firmware and 23 more | 2024-11-21 | 7.8 High |
| An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. | ||||
| CVE-2020-36329 | 5 Apple, Debian, Netapp and 2 more | 8 Ipados, Iphone Os, Debian Linux and 5 more | 2024-11-21 | 9.8 Critical |
| A flaw was found in libwebp in versions before 1.0.1. A use-after-free was found due to a thread being killed too early. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||||
| CVE-2020-36318 | 2 Redhat, Rust-lang | 3 Devtools, Enterprise Linux, Rust | 2024-11-21 | 9.8 Critical |
| In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free. | ||||
| CVE-2020-36313 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.8 High |
| An issue was discovered in the Linux kernel before 5.7. The KVM subsystem allows out-of-range access to memslots after a deletion, aka CID-0774a964ef56. This affects arch/s390/kvm/kvm-s390.c, include/linux/kvm_host.h, and virt/kvm/kvm_main.c. | ||||
| CVE-2020-36225 | 3 Apple, Debian, Openldap | 3 Macos, Debian Linux, Openldap | 2024-11-21 | 7.5 High |
| A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. | ||||
| CVE-2020-36223 | 3 Apple, Debian, Openldap | 4 Mac Os X, Macos, Debian Linux and 1 more | 2024-11-21 | 7.5 High |
| A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). | ||||
| CVE-2020-36205 | 1 Xcb Project | 1 Xcb | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur. | ||||
| CVE-2020-35980 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcs.c. | ||||
| CVE-2020-35923 | 1 Ordered-float Project | 1 Ordered-float | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the ordered-float crate before 1.1.1 and 2.x before 2.0.1 for Rust. A NotNan value can contain a NaN. | ||||
| CVE-2020-35917 | 1 Pyo3 Project | 1 Pyo3 | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the pyo3 crate before 0.12.4 for Rust. There is a reference-counting error and use-after-free in From<Py<T>>. | ||||
| CVE-2020-35902 | 1 Actix | 1 Actix-codec | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed. | ||||
| CVE-2020-35901 | 1 Actix | 1 Actix-http | 2024-11-21 | 7.5 High |
| An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream. | ||||
| CVE-2020-35900 | 1 Array-queue Project | 1 Array-queue | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the array-queue crate through 2020-09-26 for Rust. A pop_back() call may lead to a use-after-free. | ||||