Skip to main content
CVE-2020-5496 HIGH POC This Week

FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Fontforge Leap
NVD GitHub
CVSS 3.1
8.8
EPSS
2.4%
CVE-2020-5395 HIGH POC This Week

FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Fontforge Fedora +1
NVD GitHub
CVSS 3.1
8.8
EPSS
2.5%
CVE-2020-5312 CRITICAL PATCH Act Now

libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Pillow Ubuntu Linux Debian Linux Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
3.7%
CVE-2020-5311 CRITICAL PATCH Act Now

libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Pillow Ubuntu Linux Debian Linux Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
4.2%
CVE-2020-5310 HIGH PATCH This Week

libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Pillow Ubuntu Linux Fedora
NVD GitHub
CVSS 3.1
8.8
EPSS
2.0%
CVE-2020-1871 HIGH This Week

USG9500 with software of V500R001C30SPC100; V500R001C30SPC200; V500R001C30SPC600; V500R001C60SPC500; V500R005C00SPC100; V500R005C00SPC200 have an improper credentials management vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Usg9500 Firmware
NVD
CVSS 3.1
8.2
EPSS
0.6%
CVE-2020-5313 HIGH PATCH This Week

libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Pillow Ubuntu Linux Debian Linux +1
NVD GitHub
CVSS 3.1
7.1
EPSS
2.8%
CVE-2020-1785 MEDIUM This Month

Mate 10 Pro;Honor V10;Honor 10;Nova 4 smartphones have a denial of service vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mate 10 Pro Firmware Honor V10 Firmware Honor 10 Firmware Nova 4 Firmware
NVD
CVSS 3.1
5.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy