CVEdetails.com the ultimate security vulnerability data source

Debian » Debian Linux » 9.0 * * * : Security Vulnerabilities Published In 2020 (Overflow)

CPE Name: cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2020-35738 787 Overflow 2020-12-28 2021-07-21
5.8
None Remote Medium Not required None Partial Partial
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected.
2 CVE-2020-29568 119 Overflow 2020-12-15 2021-07-21
4.9
None Local Low Not required None None Complete
An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OOM in the backend. All systems with a FreeBSD, Linux, or NetBSD (any version) dom0 are vulnerable.
3 CVE-2020-28928 787 Overflow 2020-11-24 2021-12-02
2.1
None Local Low Not required None None Partial
In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).
4 CVE-2020-27813 190 DoS Overflow 2020-12-02 2021-02-25
5.0
None Remote Low Not required None None Partial
An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.
5 CVE-2020-27770 190 Overflow 2020-12-04 2021-06-02
4.3
None Remote Medium Not required None None Partial
Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. This could be triggered by a crafted input file that is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68.
6 CVE-2020-27754 190 Overflow 2020-12-08 2021-03-25
4.3
None Remote Medium Not required None None Partial
In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. To mitigate this, the patch introduces and uses the ConstrainPixelIntensity() function, which forces the pixel intensities to be within the proper bounds in the event of an overflow. This flaw affects ImageMagick versions prior to 6.9.10-69 and 7.0.8-69.
7 CVE-2020-27638 119 DoS Overflow 2020-10-22 2021-07-21
5.0
None Remote Low Not required None None Partial
receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code.
8 CVE-2020-26572 787 Overflow 2020-10-06 2021-11-30
2.1
None Local Low Not required None None Partial
The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.
9 CVE-2020-26571 787 Overflow 2020-10-06 2021-11-30
2.1
None Local Low Not required None None Partial
The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.
10 CVE-2020-26570 787 Overflow 2020-10-06 2021-11-29
2.1
None Local Low Not required None None Partial
The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.
11 CVE-2020-25676 190 Overflow 2020-12-08 2021-06-02
4.3
None Remote Medium Not required None None Partial
In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor() function. These calculations produced undefined behavior in the form of out-of-range and integer overflows, as identified by UndefinedBehaviorSanitizer. These instances of undefined behavior could be triggered by an attacker who is able to supply a crafted input file to be processed by ImageMagick. These issues could impact application availability or potentially cause other problems related to undefined behavior. This flaw affects ImageMagick versions prior to 7.0.9-0.
12 CVE-2020-25675 190 Overflow 2020-12-08 2021-06-02
4.3
None Remote Medium Not required None None Partial
In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets were causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer. Such issues could cause a negative impact to application availability or other problems related to undefined behavior, in cases where ImageMagick processes untrusted input data. The upstream patch introduces functionality to constrain the pixel offsets and prevent these issues. This flaw affects ImageMagick versions prior to 7.0.9-0.
13 CVE-2020-25674 125 Overflow 2020-12-08 2021-06-02
4.3
None Remote Medium Not required None None Partial
WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow. This occurs because it is possible for the colormap to have less than 256 valid values but the loop condition will loop 256 times, attempting to pass invalid colormap data to the event logger. The patch replaces the hardcoded 256 value with a call to MagickMin() to ensure the proper value is used. This could impact application availability when a specially crafted input file is processed by ImageMagick. This flaw affects ImageMagick versions prior to 7.0.8-68.
14 CVE-2020-25666 190 Overflow 2020-12-08 2021-06-02
4.3
None Remote Medium Not required None None Partial
There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. The patch uses casts to `ssize_t` type for these calculations, instead of `int`. This flaw could impact application reliability in the event that ImageMagick processes a crafted input file. This flaw affects ImageMagick versions prior to 7.0.9-0.
15 CVE-2020-25643 20 DoS Overflow Mem. Corr. 2020-10-06 2021-10-19
7.5
None Remote Medium ??? Partial Partial Complete
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow are caused by improper input validation in the ppp_cp_parse_cr function, which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
16 CVE-2020-25211 120 Overflow 2020-09-09 2020-11-02
3.6
None Local Low Not required None Partial Partial
In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff.
17 CVE-2020-25085 787 Overflow 2020-09-25 2021-03-15
4.4
None Local Medium Not required Partial Partial Partial
QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.
18 CVE-2020-20740 787 Overflow 2020-11-20 2022-01-01
6.8
None Remote Medium Not required Partial Partial Partial
In PDFResurrect before 0.20, a lack of header validation checks causes a heap-buffer-overflow in pdf_get_version().
19 CVE-2020-19667 787 Overflow 2020-11-20 2021-02-24
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.
20 CVE-2020-16304 787 Overflow 2020-08-13 2020-08-31
4.3
None Remote Medium Not required None None Partial
A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51.
21 CVE-2020-16302 120 Overflow 2020-08-13 2020-08-31
4.3
None Remote Medium Not required None None Partial
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
22 CVE-2020-14392 119 Overflow Mem. Corr. 2020-09-16 2021-10-19
2.1
None Local Low Not required None None Partial
An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability.
23 CVE-2020-14355 120 Exec Code Overflow 2020-10-07 2020-12-04
6.5
None Remote Low ??? Partial Partial Partial
Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send specially crafted messages that, when processed by the QUIC image compression algorithm, result in a process crash or potential code execution.
24 CVE-2020-13754 119 Overflow 2020-06-02 2020-12-14
4.6
None Local Low Not required Partial Partial Partial
hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.
25 CVE-2020-12268 787 Overflow 2020-04-27 2021-11-02
7.5
None Remote Low Not required Partial Partial Partial
jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow.
26 CVE-2020-11945 190 Exec Code Overflow 2020-04-23 2021-03-17
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials).
27 CVE-2020-11046 119 Overflow 2020-05-07 2021-09-14
3.5
None Remote Medium ??? None None Partial
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
28 CVE-2020-10938 787 Overflow 2020-03-24 2022-01-01
7.5
None Remote Low Not required Partial Partial Partial
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
29 CVE-2020-10704 674 DoS Overflow 2020-05-06 2021-12-20
5.0
None Remote Low Not required None None Partial
A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2.
30 CVE-2020-10595 120 Exec Code Overflow 2020-03-31 2020-04-04
7.5
None Remote Low Not required Partial Partial Partial
pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to a prompt with an answer of a carefully chosen length. The effect may range from heap corruption to stack corruption depending on the structure of the underlying Kerberos library, with unknown effects but possibly including code execution. This code path is not used for normal authentication, but only when the Kerberos library does supplemental prompting, such as with PKINIT or when using the non-standard no_prompt PAM configuration option.
31 CVE-2020-10188 120 Exec Code Overflow 2020-03-06 2021-11-30
10.0
None Remote Low Not required Complete Complete Complete
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
32 CVE-2020-9498 119 Exec Code Overflow Mem. Corr. 2020-07-02 2021-07-21
6.2
None Local High Not required Complete Complete Complete
Apache Guacamole 1.1.0 and older may mishandle pointers involved in processing data received via RDP static virtual channels. If a user connects to a malicious or compromised RDP server, a series of specially-crafted PDUs could result in memory corruption, possibly allowing arbitrary code to be executed with the privileges of the running guacd process.
33 CVE-2020-8608 120 Overflow 2020-02-06 2021-02-14
6.8
None Remote Medium Not required Partial Partial Partial
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
34 CVE-2020-8450 119 Overflow 2020-02-04 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Squid before 4.10. Due to incorrect buffer management, a remote client can cause a buffer overflow in a Squid instance acting as a reverse proxy.
35 CVE-2020-8285 787 Overflow 2020-12-14 2021-07-20
5.0
None Remote Low Not required None None Partial
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.
36 CVE-2020-7039 787 Exec Code Overflow 2020-01-16 2021-02-14
6.8
None Remote Medium Not required Partial Partial Partial
tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potentially to arbitrary code execution.
37 CVE-2020-6831 120 Overflow Mem. Corr. 2020-05-26 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
38 CVE-2020-6426 119 Overflow 2020-03-23 2021-07-21
4.3
None Remote Medium Not required None Partial None
Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
39 CVE-2020-6061 787 Overflow +Info 2020-02-19 2022-01-01
7.5
None Remote Low Not required Partial Partial Partial
An exploitable heap overflow vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability.
40 CVE-2020-5312 120 Overflow 2020-01-03 2020-07-10
7.5
None Remote Low Not required Partial Partial Partial
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
41 CVE-2020-5311 120 Overflow 2020-01-03 2020-07-10
7.5
None Remote Low Not required Partial Partial Partial
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.
42 CVE-2020-5208 120 Exec Code Overflow 2020-02-05 2021-12-30
6.5
None Remote Low ??? Partial Partial Partial
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.
43 CVE-2020-3327 20 DoS Overflow 2020-05-13 2021-09-22
5.0
None Remote Low Not required None None Partial
A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit this vulnerability by sending a crafted ARJ file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition.
44 CVE-2020-0499 125 Overflow 2020-12-15 2021-02-25
4.3
None Remote Medium Not required None None Partial
In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-11. Android ID: A-156076070
45 CVE-2019-20326 787 Exec Code Overflow 2020-03-16 2021-09-14
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5 allows attackers to cause a crash and potentially execute arbitrary code via a crafted JPEG file.
46 CVE-2019-18634 787 Overflow 2020-01-29 2020-02-07
4.6
None Local Low Not required Partial Partial Partial
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.
47 CVE-2019-14562 190 DoS Overflow 2020-11-23 2022-01-01
2.1
None Local Low Not required None None Partial
Integer overflow in DxeImageVerificationHandler() in EDK II may allow an authenticated user to potentially enable denial of service via local access.
48 CVE-2019-12521 787 Overflow 2020-04-15 2021-07-21
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Squid through 4.7. When Squid is parsing ESI, it keeps the ESI elements in ESIContext. ESIContext contains a buffer for holding a stack of ESIElements. When a new ESIElement is parsed, it is added via addStackElement. addStackElement has a check for the number of elements in this buffer, but it's off by 1, leading to a Heap Overflow of 1 element. The overflow is within the same structure so it can't affect adjacent memory blocks, and thus just leads to a crash while processing.
49 CVE-2019-12519 787 Overflow 2020-04-15 2021-02-11
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.
50 CVE-2017-18926 787 Overflow 2020-11-06 2020-11-19
5.8
None Remote Medium Not required None Partial Partial
raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml).
Total number of vulnerabilities: 53 (page 1 of 2)