Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 1855 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2020-12352 An information leak flaw was found in the way Linux kernel Bluetooth stack implementation handled initialization of stack memory when handling certain AMP packets. A remote attacker in adjacent range could use this flaw to leak small portions of stack memory on the system by sending a specially crafted AMP packets. LOW Oct 20, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-21674 Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product\'s official releases are unaffected. MEDIUM Oct 15, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-27153 In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event. HIGH Oct 15, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25641 A flaw was found in the Linux kernel\'s implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability. MEDIUM Oct 11, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25643 A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. HIGH Oct 11, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-26935 An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL in to a query. HIGH Oct 10, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-26934 phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link. MEDIUM Oct 10, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-26154 url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. MEDIUM Oct 9, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-26116 http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. MEDIUM Oct 8, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25637 A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. HIGH Oct 8, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-7069 In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. This can lead to both decreased security and incorrect encryption data. MEDIUM Oct 7, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-7070 In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like __Host confused with cookies that decode to such prefix, thus leading to an attacker being able to forge cookie which is supposed to be secure. See also CVE-2020-8184 for more information. MEDIUM Oct 7, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25613 An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. MEDIUM Oct 6, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-26137 urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116. MEDIUM Sep 30, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-25625 hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop. MEDIUM Sep 25, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25085 QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case. MEDIUM Sep 25, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25084 QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked. LOW Sep 25, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-26088 A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. LOW Sep 24, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-14392 An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service\'s availability. LOW Sep 20, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-14393 A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data. LOW Sep 20, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-14390 A flaw was found in the Linux kernel in versions from 2.2.3 through 5.9.rc5. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. This highest threat from this vulnerability is to system availability. MEDIUM Sep 18, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2019-20919 An issue was discovered in the DBI module before 1.643 for Perl. The hv_fetch() documentation requires checking for NULL and the code does that. But, shortly thereafter, it calls SvOK(profile), causing a NULL pointer dereference. MEDIUM Sep 18, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-0404 In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel HIGH Sep 17, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2020-0433 In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-151939299 MEDIUM Sep 17, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2014-10402 An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401. -- Sep 16, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-10768 A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being \'force disabled\' when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality. LOW Sep 16, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-10766 A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disable SSBD protection during a context switch when additional speculative execution mitigations are in place. This issue was introduced when the per task/process conditional STIPB switching was added on top of the existing SSBD switching. The highest threat from this vulnerability is to confidentiality. LOW Sep 16, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-10767 A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation (IBRS) is available. This flaw allows a local attacker to perform a Spectre V2 style attack when this configuration is active. The highest threat from this vulnerability is to confidentiality. LOW Sep 16, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2019-8696 A stack-buffer-overflow was found in libcups\'s asn1_get_packed function MEDIUM Sep 15, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-3898 The ppdOpen function did not handle invalid UI MEDIUM Sep 15, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2019-8675 A stack-buffer-overflow was found in libcups\'s asn1_get_type function MEDIUM Sep 15, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-14314 A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability. LOW Sep 15, 2020 10.17.41.24 (Wind River Linux LTS 17)
CVE-2019-8842 The ippReadIO function may under-read an extension LOW Sep 15, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25285 A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812. MEDIUM Sep 13, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25284 The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe. LOW Sep 13, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25219 url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion. MEDIUM Sep 12, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-10773 A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data. LOW Sep 10, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2019-17007 Main entrypoint for decoding DER blobs in NSS, CERT_DecodeCertPackage() mishandles old Netscape Certificate Sequences, with possible crash as NULL pointer is dereferenced, leading to DoS. MEDIUM Sep 9, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-1749 A flaw was found in the Linux kernel\'s implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn\'t correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality. MEDIUM Sep 9, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-14386 A vulnerability was found in Linux Kernel, which leads to a memory corruption in (net/packet/af_packet.c). It can be exploited to gain root privileges from unprivileged processes. HIGH Sep 9, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-25212 A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452. MEDIUM Sep 9, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-7068 In PHP versions 7.2.x below 7.3.21, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure. MEDIUM Sep 9, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-24659 An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application\'s error handling path, where the gnutls_deinit function is called after detecting a handshake failure. MEDIUM Sep 6, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-24977 GNOME project libxml2 v2.9.10 and earlier have a global Buffer Overflow vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 8e7c20a1 (20910-GITv2.9.10-103-g8e7c20a1). HIGH Sep 4, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2019-20916 The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py. MEDIUM Sep 4, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-14364 An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice \'setup_len\' exceeds its \'data_buf[4096]\' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host. HIGH Sep 4, 2020 10.17.41.22 (Wind River Linux LTS 17)
CVE-2020-24978 In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c. This is fixed in commit 8806c3ca007b84accac21dd88b900fb03614ceb7. HIGH Sep 4, 2020 10.17.41.23 (Wind River Linux LTS 17)
CVE-2020-24553 Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header. MEDIUM Sep 3, 2020 10.17.41.22 (Wind River Linux LTS 17)
CVE-2020-10720 A flaw was found in the Linux kernel\'s implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system. MEDIUM Sep 3, 2020 10.17.41.22 (Wind River Linux LTS 17)
CVE-2020-14373 A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service. LOW Sep 3, 2020 10.17.41.23 (Wind River Linux LTS 17)
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version.
Live chat
Online