CVE-2020-14346
- EPSS 0.63%
- Veröffentlicht 15.09.2020 19:15:12
- Zuletzt bearbeitet 29.08.2025 13:42:30
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality ...
CVE-2020-14361
- EPSS 0.61%
- Veröffentlicht 15.09.2020 19:15:12
- Zuletzt bearbeitet 29.08.2025 13:42:30
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity...
CVE-2020-14362
- EPSS 0.59%
- Veröffentlicht 15.09.2020 19:15:12
- Zuletzt bearbeitet 29.08.2025 13:42:30
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity...
CVE-2020-14345
- EPSS 0.59%
- Veröffentlicht 15.09.2020 14:15:13
- Zuletzt bearbeitet 21.11.2024 05:03:03
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as w...
CVE-2020-8927
- EPSS 3.22%
- Veröffentlicht 15.09.2020 10:15:12
- Zuletzt bearbeitet 21.11.2024 05:39:41
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 ...
CVE-2020-25285
- EPSS 0.27%
- Veröffentlicht 13.09.2020 18:15:09
- Zuletzt bearbeitet 21.11.2024 05:17:51
A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.
CVE-2013-7490
- EPSS 2.74%
- Veröffentlicht 11.09.2020 19:15:11
- Zuletzt bearbeitet 21.11.2024 02:01:08
An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.
CVE-2020-25219
- EPSS 4.28%
- Veröffentlicht 09.09.2020 21:15:11
- Zuletzt bearbeitet 21.11.2024 05:17:41
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.
CVE-2020-24379
- EPSS 3.35%
- Veröffentlicht 09.09.2020 19:15:21
- Zuletzt bearbeitet 21.11.2024 05:14:42
WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection.
- EPSS 17.37%
- Veröffentlicht 09.09.2020 19:15:21
- Zuletzt bearbeitet 21.11.2024 05:16:12
CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection.