Security Vulnerabilities, CVEs, Published In 2020 (Overflow)
Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.
Max CVSS
7.2
EPSS Score
0.31%
Published
2020-02-11
Updated
2020-02-12
Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value.
Max CVSS
7.0
EPSS Score
0.04%
Published
2020-02-20
Updated
2020-02-25
Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing characters outside of the Basic Multilingual Plane (BMP).
Max CVSS
9.8
EPSS Score
1.97%
Published
2020-02-21
Updated
2020-03-05
A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes. This issue was fixed in version 295.53.
Max CVSS
5.0
EPSS Score
0.09%
Published
2020-05-08
Updated
2020-05-18
A Code Execution vulnerability exists in the memcpy function when processing AMF requests in Ezhometech EzServer 7.0, which could let a remote malicious user execute arbitrary code or cause a Denial of Service
Max CVSS
9.8
EPSS Score
7.82%
Published
2020-01-13
Updated
2020-01-22
SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.
Max CVSS
7.8
EPSS Score
0.20%
Published
2020-01-23
Updated
2020-01-28
HT Editor 2.0.20 has a Remote Stack Buffer Overflow Vulnerability
Max CVSS
9.8
EPSS Score
0.51%
Published
2020-01-23
Updated
2020-01-28
A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code.
Max CVSS
10.0
EPSS Score
92.07%
Published
2020-01-23
Updated
2020-01-31
A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service.
Max CVSS
9.8
EPSS Score
7.74%
Published
2020-01-24
Updated
2020-01-27
Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted image layer in an XCF file.
Max CVSS
7.8
EPSS Score
1.56%
Published
2020-01-02
Updated
2020-01-03
Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows remote attackers to execute arbitrary code via a crafted RLE compressed layer in an XCF file.
Max CVSS
7.8
EPSS Score
0.36%
Published
2020-01-02
Updated
2020-01-03
IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability
Max CVSS
9.6
EPSS Score
0.33%
Published
2020-01-27
Updated
2020-01-30
Stack-based buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0.7858 allows remote attackers to execute arbitrary code via a crafted MPEG-2 Transport Stream (M2TS) file.
Max CVSS
7.8
EPSS Score
0.55%
Published
2020-01-31
Updated
2020-02-01
Buffer overflow in Media Player Classic - Home Cinema (MPC-HC) before 1.7.0 allows remote attackers to execute arbitrary code via a crafted RealMedia .rm file
Max CVSS
7.8
EPSS Score
0.55%
Published
2020-01-31
Updated
2020-02-01
XnView 2.03 has a stack-based buffer overflow vulnerability
Max CVSS
9.8
EPSS Score
0.28%
Published
2020-01-27
Updated
2020-01-30
XnView 2.03 has an integer overflow vulnerability
Max CVSS
9.8
EPSS Score
0.21%
Published
2020-01-27
Updated
2020-01-29
Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows remote attackers to execute arbitrary code via the biBitCount field in a BMP file.
Max CVSS
7.8
EPSS Score
0.44%
Published
2020-01-02
Updated
2020-01-08
xnview.exe in XnView before 2.13 does not properly handle RLE strip lengths during processing of RGB files, which allows remote attackers to execute arbitrary code via the RLE strip size field in a RGB file, which leads to an unexpected sign extension error and a heap-based buffer overflow.
Max CVSS
7.8
EPSS Score
0.37%
Published
2020-01-02
Updated
2020-01-15
Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbitrary code via (1) the Csiz parameter in a SIZ marker, which triggers an incorrect memory allocation, or (2) the lqcd field in a QCD marker in a crafted JPEG2000 file, which leads to a heap-based buffer overflow.
Max CVSS
9.8
EPSS Score
0.89%
Published
2020-01-02
Updated
2020-01-08
Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via an IMAGE tag.
Max CVSS
7.8
EPSS Score
63.23%
Published
2020-01-02
Updated
2020-01-14
Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote attackers to execute arbitrary code via a levels header.
Max CVSS
7.8
EPSS Score
2.67%
Published
2020-01-02
Updated
2020-01-14
Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.
Max CVSS
7.8
EPSS Score
0.05%
Published
2020-01-02
Updated
2020-01-15
HMailServer 5.3.x and prior: Memory Corruption which could cause DOS
Max CVSS
5.9
EPSS Score
0.12%
Published
2020-01-07
Updated
2020-01-08
FuzeZip 1.0.0.131625 has a Local Buffer Overflow vulnerability
Max CVSS
7.8
EPSS Score
0.08%
Published
2020-01-07
Updated
2020-01-08
Belkin n750 routers have a buffer overflow.
Max CVSS
10.0
EPSS Score
0.34%
Published
2020-02-13
Updated
2020-02-20