Security Vulnerabilities, CVEs, Published In January 2020 (Overflow)
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog messages (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted).
Max CVSS
9.8
EPSS Score
18.21%
Published
2020-01-30
Updated
2022-04-26
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client.
Max CVSS
8.8
EPSS Score
1.50%
Published
2020-01-30
Updated
2022-09-12
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
Max CVSS
8.8
EPSS Score
1.28%
Published
2020-01-28
Updated
2021-04-02
MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type.
Max CVSS
8.8
EPSS Score
0.23%
Published
2020-01-14
Updated
2020-01-24
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access, which can lead to a DoS or potentially to arbitrary code execution.
Max CVSS
6.8
EPSS Score
0.36%
Published
2020-01-16
Updated
2021-02-14
libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute.
Max CVSS
8.8
EPSS Score
0.37%
Published
2020-01-13
Updated
2022-02-20
OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
Max CVSS
7.5
EPSS Score
1.24%
Published
2020-01-13
Updated
2022-04-29
In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c.
Max CVSS
9.8
EPSS Score
0.47%
Published
2020-01-11
Updated
2020-01-13
Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution.
Max CVSS
7.9
EPSS Score
0.15%
Published
2020-01-23
Updated
2023-03-01
FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c.
Max CVSS
8.8
EPSS Score
0.50%
Published
2020-01-03
Updated
2024-03-08
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.
Max CVSS
7.1
EPSS Score
0.19%
Published
2020-01-03
Updated
2023-01-24
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
Max CVSS
9.8
EPSS Score
0.98%
Published
2020-01-03
Updated
2020-08-18
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.
Max CVSS
9.8
EPSS Score
0.83%
Published
2020-01-03
Updated
2020-08-18
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.
Max CVSS
8.8
EPSS Score
0.28%
Published
2020-01-03
Updated
2023-01-24
In NetHack before 3.6.5, detecting an unknown configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5.
Max CVSS
9.8
EPSS Score
1.20%
Published
2020-01-28
Updated
2020-02-07
In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5.
Max CVSS
9.8
EPSS Score
1.20%
Published
2020-01-28
Updated
2020-02-07
In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5.
Max CVSS
9.8
EPSS Score
1.20%
Published
2020-01-28
Updated
2020-02-07
In NetHack before 3.6.5, an invalid extended command in the value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5.
Max CVSS
9.8
EPSS Score
1.20%
Published
2020-01-28
Updated
2020-02-07
In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options. Users should upgrade to NetHack 3.6.5.
Max CVSS
7.8
EPSS Score
0.22%
Published
2020-01-28
Updated
2020-02-03
In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options. Users should upgrade to NetHack 3.6.5.
Max CVSS
7.8
EPSS Score
0.22%
Published
2020-01-28
Updated
2020-02-03
In uftpd before 2.11, there is a buffer overflow vulnerability in handle_PORT in ftpcmd.c that is caused by a buffer that is 16 bytes large being filled via sprintf() with user input based on the format specifier string %d.%d.%d.%d. The 16 byte size is correct for valid IPv4 addresses (len('255.255.255.255') == 16), but the format specifier %d allows more than 3 digits. This has been fixed in version 2.11.
Max CVSS
8.8
EPSS Score
16.62%
Published
2020-01-06
Updated
2020-01-18
IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2 is vulnerable to a buffer overflow, caused by improper bounds checking when handling a failed HTTP request with specific content in the headers. By sending a specially crafted HTTP request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service. IBM X-Force ID: 174972.
Max CVSS
9.8
EPSS Score
0.75%
Published
2020-01-28
Updated
2020-02-03
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between req_capsule_get_size and tgt_brw_write leads to a tgt_shortio2pages integer signedness error.
Max CVSS
9.8
EPSS Score
1.63%
Published
2020-01-27
Updated
2020-01-29
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function target_handle_connect() mishandles a certain size value when a client connects to a server, because of an integer signedness error.
Max CVSS
7.8
EPSS Score
0.48%
Published
2020-01-27
Updated
2020-01-28
A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing.
Max CVSS
6.5
EPSS Score
0.29%
Published
2020-01-22
Updated
2023-09-19