CVE-2020-10029
- EPSS 0.76%
- Veröffentlicht 04.03.2020 15:15:13
- Zuletzt bearbeitet 21.11.2024 04:54:40
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl...
CVE-2020-10018
- EPSS 4.99%
- Veröffentlicht 02.03.2020 23:15:11
- Zuletzt bearbeitet 21.11.2024 04:54:39
WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4 (which are the versions right before 2.28.0) contains a memory corruption issue (use-after-free) that may lead to arbitrary code execution. This issue has been fixed in 2.28.0 with improved memor...
CVE-2020-6800
- EPSS 2.27%
- Veröffentlicht 02.03.2020 05:15:13
- Zuletzt bearbeitet 21.11.2024 05:36:12
Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to...
CVE-2020-6801
- EPSS 1.38%
- Veröffentlicht 02.03.2020 05:15:13
- Zuletzt bearbeitet 21.11.2024 05:36:12
Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability aff...
CVE-2019-17026
- EPSS 46.59%
- Veröffentlicht 02.03.2020 05:15:12
- Zuletzt bearbeitet 04.11.2025 14:34:39
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, an...
CVE-2020-6792
- EPSS 1.3%
- Veröffentlicht 02.03.2020 05:15:12
- Zuletzt bearbeitet 21.11.2024 05:36:11
When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird < 68.5.
CVE-2020-6794
- EPSS 0.99%
- Veröffentlicht 02.03.2020 05:15:12
- Zuletzt bearbeitet 21.11.2024 05:36:11
If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format ...
CVE-2020-7062
- EPSS 3.51%
- Veröffentlicht 27.02.2020 21:15:19
- Zuletzt bearbeitet 21.11.2024 05:36:35
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upl...
CVE-2020-9274
- EPSS 5.81%
- Veröffentlicht 26.02.2020 16:15:19
- Zuletzt bearbeitet 21.11.2024 05:40:19
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the...
CVE-2020-8793
- EPSS 0.9%
- Veröffentlicht 25.02.2020 17:15:13
- Zuletzt bearbeitet 21.11.2024 05:39:26
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.