CVSS: 7.1EPSS: 6%CPEs: 5EXPL: 0CVE-2020-25687 – dnsmasq: heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled
https://notcve.org/view.php?id=CVE-2020-25687
19 Jan 2021 — Issues addressed include bypass, denial of service, integer overflow, man-in-the-middle, and memory leak vulnerabilities. • https://bugzilla.redhat.com/show_bug.cgi?id=1891568 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.1EPSS: 6%CPEs: 5EXPL: 0CVE-2020-25683 – dnsmasq: heap-based buffer overflow with large memcpy in get_rdata() when DNSSEC is enabled
https://notcve.org/view.php?id=CVE-2020-25683
19 Jan 2021 — Issues addressed include bypass, denial of service, integer overflow, man-in-the-middle, and memory leak vulnerabilities. • https://bugzilla.redhat.com/show_bug.cgi?id=1882018 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2020-14409 – Gentoo Linux Security Advisory 202107-55
https://notcve.org/view.php?id=CVE-2020-14409
19 Jan 2021 — SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file. • https://bugzilla.libsdl.org/show_bug.cgi?id=5200 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-22132 – elasticsearch: executing async search improperly stores HTTP headers leading to information disclosure
https://notcve.org/view.php?id=CVE-2021-22132
14 Jan 2021 — Issues addressed include denial of service, information leakage, integer overflow, and resource exhaustion vulnerabilities. • https://discuss.elastic.co/t/elasticsearch-7-10-2-security-update/261164 • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2020-28374 – kernel: SCSI target (LIO) write to any block on ILO backstore
https://notcve.org/view.php?id=CVE-2020-28374
13 Jan 2021 — Issues addressed include code execution, denial of service, integer overflow, and null pointer vulnerabilities. • http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2021-0312
https://notcve.org/view.php?id=CVE-2021-0312
11 Jan 2021 — In WAVSource::read of WAVExtractor.cpp, there is a possible out of bounds write due to an integer overflow. • https://source.android.com/security/bulletin/2021-01-01 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2021-0342 – kernel: use after free in tun_get_user of tun.c could lead to local escalation of privilege
https://notcve.org/view.php?id=CVE-2021-0342
11 Jan 2021 — Issues addressed include denial of service, integer overflow, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://source.android.com/security/bulletin/pixel/2021-01-01 • CWE-416: Use After Free •
CVSS: 8.6EPSS: 1%CPEs: 7EXPL: 0CVE-2021-3121 – gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation
https://notcve.org/view.php?id=CVE-2021-3121
11 Jan 2021 — Issues addressed include code execution, denial of service, integer overflow, and null pointer vulnerabilities. • https://discuss.hashicorp.com/t/hcsec-2021-23-consul-exposed-to-denial-of-service-in-gogo-protobuf-dependency/29025 • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-1059
https://notcve.org/view.php?id=CVE-2021-1059
08 Jan 2021 — NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overflow, which in turn may cause tampering of data, information disclosure, or denial of service. • https://nvidia.custhelp.com/app/answers/detail/a_id/5142 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2020-27843 – openjpeg: out-of-bounds read in opj_t2_encode_packet function in openjp2/t2.c
https://notcve.org/view.php?id=CVE-2020-27843
05 Jan 2021 — Issues addressed include buffer overflow, code execution, denial of service, double free, integer overflow, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://bugzilla.redhat.com/show_bug.cgi?id=1907516 • CWE-125: Out-of-bounds Read •