Export limit exceeded: 85525 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (85525 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-27347 | 1 Tmux Project | 1 Tmux | 2024-11-21 | 8.8 High |
| In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output. | ||||
| CVE-2020-27302 | 1 Realtek | 4 Rtl8195a, Rtl8195a Firmware, Rtl8710c and 1 more | 2024-11-21 | 8.0 High |
| A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the "memcpy" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake. | ||||
| CVE-2020-27301 | 1 Realtek | 4 Rtl8195a, Rtl8195a Firmware, Rtl8710c and 1 more | 2024-11-21 | 8.0 High |
| A stack buffer overflow in Realtek RTL8710 (and other Ameba-based devices) can lead to remote code execution via the "AES_UnWRAP" function, when an attacker in Wi-Fi range sends a crafted "Encrypted GTK" value as part of the WPA2 4-way-handshake. | ||||
| CVE-2020-27295 | 1 Honeywell | 1 Opc Ua Tunneller | 2024-11-21 | 7.5 High |
| The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233). | ||||
| CVE-2020-27293 | 1 Deltaww | 1 Cncsoft-b | 2024-11-21 | 7.8 High |
| Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a type confusion issue while processing project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2020-27291 | 1 Deltaww | 1 Cncsoft-b | 2024-11-21 | 7.8 High |
| Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2020-27289 | 1 Deltaww | 1 Cncsoft-b | 2024-11-21 | 7.8 High |
| Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior has a null pointer dereference issue while processing project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2020-27288 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 7.8 High |
| An untrusted pointer dereference has been identified in the way TPEditor(v1.98 and prior) processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | ||||
| CVE-2020-27287 | 1 Deltaww | 1 Cncsoft-b | 2024-11-21 | 7.8 High |
| Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2020-27284 | 1 Deltaww | 1 Tpeditor | 2024-11-21 | 7.8 High |
| TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | ||||
| CVE-2020-27281 | 1 Deltaww | 1 Cncsoft Screeneditor | 2024-11-21 | 7.8 High |
| A stack-based buffer overflow may exist in Delta Electronics CNCSoft ScreenEditor versions 1.01.26 and prior when processing specially crafted project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2020-27280 | 1 Deltaww | 1 Ispsoft | 2024-11-21 | 7.8 High |
| A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution. | ||||
| CVE-2020-27277 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 7.8 High |
| Delta Electronics DOPSoft Version 4.0.8.21 and prior has a null pointer dereference issue while processing project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2020-27275 | 1 Deltaww | 1 Dopsoft | 2024-11-21 | 7.8 High |
| Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2020-27274 | 1 Honeywell | 1 Opc Ua Tunneller | 2024-11-21 | 7.5 High |
| Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233). | ||||
| CVE-2020-27264 | 1 Sooil | 6 Anydana-a, Anydana-a Firmware, Anydana-i and 3 more | 2024-11-21 | 8.8 High |
| In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications use deterministic keys, which allows unauthenticated, physically proximate attackers to brute-force the keys via Bluetooth Low Energy. | ||||
| CVE-2020-27261 | 1 Omron | 4 Cx-one, Cx-position, Cx-protocol and 1 more | 2024-11-21 | 8.8 High |
| The Omron CX-One Version 4.60 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2020-27259 | 1 Omron | 4 Cx-one, Cx-position, Cx-protocol and 1 more | 2024-11-21 | 8.8 High |
| The Omron CX-One Version 4.60 and prior may allow an attacker to supply a pointer to arbitrary memory locations, which may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2020-27257 | 1 Omron | 4 Cx-one, Cx-position, Cx-protocol and 1 more | 2024-11-21 | 7.8 High |
| This vulnerability allows local attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type-confusion condition in the Omron CX-One Version 4.60 and prior devices. | ||||
| CVE-2020-27255 | 1 Rockwellautomation | 1 Factorytalk Linx | 2024-11-21 | 7.5 High |
| A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to the bypass of address space layout randomization (ASLR). | ||||