CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-0444 – kernel: bad kfree in auditfilter.c may lead to escalation of privilege
https://notcve.org/view.php?id=CVE-2020-0444
14 Dec 2020 — Issues addressed include bypass, denial of service, integer overflow, man-in-the-middle, and memory leak vulnerabilities. • https://source.android.com/security/bulletin/2020-12-01 • CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection') CWE-763: Release of Invalid Pointer or Reference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-0466 – kernel: use after free in eventpoll.c may lead to escalation of privilege
https://notcve.org/view.php?id=CVE-2020-0466
14 Dec 2020 — Issues addressed include code execution, denial of service, integer overflow, and null pointer vulnerabilities. • https://source.android.com/security/bulletin/2020-12-01 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-17444
https://notcve.org/view.php?id=CVE-2020-17444
11 Dec 2020 — An issue was discovered in picoTCP 1.7.0. The routine for processing the next header field (and deducing whether the IPv6 extension headers are valid) doesn't check whether the header extension length field would overflow. Therefore, if it wraps around to zero, iterating through the extension headers will not increment the current data pointer. This leads to an infinite loop and Denial-of-Service in pico_ipv6_check_headers_sequence() in pico_ipv6.c. Se detectó un problema en picoTCP versión 1.7.0. • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-17443
https://notcve.org/view.php?id=CVE-2020-17443
11 Dec 2020 — If the size of the incoming ICMPv6 request packet is shorter than this, the operation that calculates the size of the ICMPv6 echo replies has an integer wrap around, leading to memory corruption and, eventually, Denial-of-Service in pico_icmp6_send_echoreply_not_frag in pico_icmp6.c. • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-17442
https://notcve.org/view.php?id=CVE-2020-17442
11 Dec 2020 — The code for parsing the hop-by-hop IPv6 extension headers does not validate the bounds of the extension header length value, which may result in Integer Wraparound. Therefore, a crafted extension header length value may cause Denial-of-Service because it affects the loop in which the extension headers are parsed in pico_ipv6_process_hopbyhop() in pico_ipv6.c. • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-13988 – Ubuntu Security Notice USN-6259-1
https://notcve.org/view.php?id=CVE-2020-13988
11 Dec 2020 — An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c. • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-13985
https://notcve.org/view.php?id=CVE-2020-13985
11 Dec 2020 — An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c. Se detectó un problema en Contiki versiones hasta 3.0. Se presenta una vulnerabilidad de corrupción de memoria en el componente uIP TCP/IP Stack cuando se manejan encabezados de extensión RPL de paquetes de red IPv6 en la función rpl_remove_header en el archivo net/rpl/rpl-... • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 • CWE-190: Integer Overflow or Wraparound CWE-681: Incorrect Conversion between Numeric Types CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 5CVE-2020-27786 – kernel: use-after-free in kernel midi subsystem
https://notcve.org/view.php?id=CVE-2020-27786
11 Dec 2020 — Issues addressed include denial of service, integer overflow, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://github.com/kiks7/CVE-2020-27786-Kernel-Exploit • CWE-416: Use After Free •
CVSS: 5.7EPSS: 0%CPEs: 12EXPL: 0CVE-2020-27350 – apt integer wraparound
https://notcve.org/view.php?id=CVE-2020-27350
10 Dec 2020 — APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. • https://bugs.launchpad.net/bugs/1899193 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 0%CPEs: 16EXPL: 0CVE-2020-10015 – Apple macOS process_token_BlitLibSetup3D Out-Of-Bounds Access Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-10015
09 Dec 2020 — An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. macOS Big Sur 11.1, Security Update 2020-001 Catalina, and Security Update 2020-007 Mojave address buffer overflow, bypass, code execution, denial of service, information leakage, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities. • https://support.apple.com/en-us/HT211931 • CWE-787: Out-of-bounds Write •