Skip to main content
CVE-2020-6623 HIGH POC This Week

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Stb Truetype H
NVD GitHub
CVSS 3.1
8.8
EPSS
1.5%
CVE-2020-6622 HIGH POC This Week

stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Stb Truetype H
NVD GitHub
CVSS 3.1
8.8
EPSS
1.4%
CVE-2020-6621 HIGH POC This Week

stb stb_truetype.h through 1.22 has a heap-based buffer over-read in ttUSHORT. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Stb Truetype H
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-6620 HIGH POC This Week

stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_get8. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Stb Truetype H
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-6619 HIGH POC This Week

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Stb Truetype H
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-6618 HIGH POC This Week

stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__find_table. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Stb Truetype H
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-6617 HIGH POC This Week

stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Stb Truetype H
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-6609 HIGH POC This Week

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-5511 HIGH POC This Week

PHPGurukul Small CRM v2.0 was found vulnerable to authentication bypass via SQL injection when logging into the administrator login page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Authentication Bypass Small Crm
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
1.7%
CVE-2020-6614 HIGH POC This Week

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
8.1
EPSS
1.7%
CVE-2020-6613 HIGH POC This Week

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
8.1
EPSS
1.7%
CVE-2020-6612 HIGH POC This Week

GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Libredwg Backports Sle Leap
NVD GitHub
CVSS 3.1
8.1
EPSS
1.7%
CVE-2020-5183 HIGH POC This Week

FTPGetter Professional 5.97.0.223 is vulnerable to a memory corruption bug when a user sends a specially crafted string to the application. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Null Pointer Dereference Denial Of Service Ftpgetter
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
2.0%
CVE-2020-0002 HIGH PATCH This Week

In ih264d_init_decoder of ih264d_api.c, there is a possible out of bounds write due to a use after free. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Memory Corruption RCE Google +2
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2020-0001 HIGH This Week

In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Java Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy