CVSS: 6.5EPSS: 0%CPEs: 45EXPL: 0CVE-2020-13143
https://notcve.org/view.php?id=CVE-2020-13143
18 May 2020 — gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. En la función gadget_dev_desc_UDC_store en el archivo drivers/usb/gadget/configfs.c en el kernel de Linux versión 3.16 hasta la versión 5.6.13, se basa en kstrdup sin considerar la posibilidad de un valor "\0" interno, lo que permite a atacantes desenca... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 44EXPL: 0CVE-2020-12888 – Kernel: vfio: access to disabled MMIO space of some devices may lead to DoS scenario
https://notcve.org/view.php?id=CVE-2020-12888
15 May 2020 — The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. El controlador VFIO PCI en el kernel de Linux versiones hasta 5.6.13, maneja inapropiadamente los intentos para acceder al espacio de memoria deshabilitado. A flaw was found in the Linux kernel, where it allows userspace processes, for example, a guest VM, to directly access h/w devices via its VFIO driver modules. The VFIO modules allow users to enable or disable access to the devices' MMIO memory ad... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00008.html • CWE-248: Uncaught Exception CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 6.6EPSS: 0%CPEs: 13EXPL: 1CVE-2020-11521 – freerdp: Out-of-bounds write in planar.c
https://notcve.org/view.php?id=CVE-2020-11521
15 May 2020 — libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. El archivo libfreerdp/codec/planar.c en FreeRDP versiones posteriores a 1.0 hasta 2.0.0-rc4, presenta una Escritura Fuera de límites. A flaw was found in freerdp in versions between 1.0 and 2.0.0. An out-of-bounds memory write was found in the planar.c function which could allow an attacker to control data sent from the RDP server to the client. The highest threat from this vulnerability is to data confidentiali... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 3.5EPSS: 0%CPEs: 13EXPL: 1CVE-2020-11526 – freerdp: Stream pointer out of bounds in update_recv_secondary_order could lead out of bounds read later
https://notcve.org/view.php?id=CVE-2020-11526
15 May 2020 — libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read. El archivo libfreerdp/core/update.c en FreeRDP versiones posteriores a 1.1 hasta 2.0.0-rc4, presenta una Lectura Fuera de límites. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 3.5EPSS: 0%CPEs: 13EXPL: 1CVE-2020-11525 – freerdp: out-of-bounds read in bitmap.c
https://notcve.org/view.php?id=CVE-2020-11525
15 May 2020 — libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read. El archivo libfreerdp/cache/bitmap.c en FreeRDP versiones posteriores a 1.0 hasta 2.0.0-rc4, presenta una Lectura Fuera de límites. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html • CWE-125: Out-of-bounds Read •
CVSS: 6.6EPSS: 0%CPEs: 13EXPL: 1CVE-2020-11523 – freerdp: Integer overflow in region.c
https://notcve.org/view.php?id=CVE-2020-11523
15 May 2020 — libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. El archivo libfreerdp/gdi/region.c en FreeRDP versiones posteriores a 1.0 hasta 2.0.0-rc4, presenta un Desbordamiento de Enteros. A flaw was found in FreeRDP in versions between 1.0 and 2.0.0. An integer overflow was found in the region.c function which could allow an attacker the ability to control the RDP server as well as the data sent to the client. The highest threat from this vulnerability is to data confident... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.6EPSS: 0%CPEs: 11EXPL: 1CVE-2020-11524 – freerdp: Out-of-bounds write in interleaved.c
https://notcve.org/view.php?id=CVE-2020-11524
15 May 2020 — libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. El archivo libfreerdp/codec/interleaved.c en FreeRDP versiones posteriores a 1.0 hasta 2.0.0-rc4, presenta una Escritura Fuera de límites. A flaw was found in FreeRDP between versions 1.0 and 2.0.0. An out-of-bounds memory write was found in the interleaved.c function which could allow an attacker to take over and control the RDP server, including data sent to the client. The highest threat from this vulne... • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 1CVE-2020-11522 – freerdp: out-of-bounds read in gdi.c
https://notcve.org/view.php?id=CVE-2020-11522
15 May 2020 — libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. El archivo libfreerdp/gdi/gdi.c en FreeRDP versiones posteriores a 1.0 hasta 2.0.0-rc4, presenta una Lectura Fuera de límites. • http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2020-3810
https://notcve.org/view.php?id=CVE-2020-3810
14 May 2020 — Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. Una falta de comprobación de entrada en las implementaciones de ar/tar de APT versiones anteriores a 2.1.2, podría resultar en una denegación de servicio al procesar archivos deb especialmente diseñados • https://bugs.launchpad.net/bugs/1878177 • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 5.0EPSS: 0%CPEs: 13EXPL: 0CVE-2020-0093 – libexif: out of bounds read due to a missing bounds check in exif_data_save_data_entry function in exif-data.c
https://notcve.org/view.php?id=CVE-2020-0093
14 May 2020 — In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-148705132 En la función exif_data_save_data_entry del archivo exif-data.c, se presenta una posible lectura fuera de límites debido a una falta de comprobación de límites. Es... • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00017.html • CWE-125: Out-of-bounds Read •