CVE-2020-15863
- EPSS 0.45%
- Veröffentlicht 28.07.2020 16:15:12
- Zuletzt bearbeitet 21.11.2024 05:06:20
hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QE...
CVE-2020-12460
- EPSS 3.68%
- Veröffentlicht 27.07.2020 23:15:12
- Zuletzt bearbeitet 21.11.2024 04:59:44
OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 has improper null termination in the function opendmarc_xml_parse that can result in a one-byte heap overflow in opendmarc_xml when parsing a specially crafted DMARC aggregate report. This can cau...
CVE-2020-15103
- EPSS 1.47%
- Veröffentlicht 27.07.2020 18:15:13
- Zuletzt bearbeitet 21.11.2024 05:04:48
In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindl...
CVE-2020-15954
- EPSS 0.65%
- Veröffentlicht 27.07.2020 07:15:11
- Zuletzt bearbeitet 21.11.2024 05:06:31
KDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 communication during times when the UI indicates that encryption is in use.
CVE-2020-15953
- EPSS 2.41%
- Veröffentlicht 27.07.2020 07:15:10
- Zuletzt bearbeitet 21.11.2024 05:06:31
LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a meddler-in-th...
CVE-2020-6524
- EPSS 2.88%
- Veröffentlicht 22.07.2020 17:15:14
- Zuletzt bearbeitet 21.11.2024 05:35:53
Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6525
- EPSS 1.86%
- Veröffentlicht 22.07.2020 17:15:14
- Zuletzt bearbeitet 21.11.2024 05:35:53
Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6526
- EPSS 1.71%
- Veröffentlicht 22.07.2020 17:15:14
- Zuletzt bearbeitet 21.11.2024 05:35:54
Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2020-6527
- EPSS 1.54%
- Veröffentlicht 22.07.2020 17:15:14
- Zuletzt bearbeitet 21.11.2024 05:35:54
Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2020-6528
- EPSS 1.51%
- Veröffentlicht 22.07.2020 17:15:14
- Zuletzt bearbeitet 21.11.2024 05:35:54
Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.