|
2020-06-03
|
CVE-2020-11080
|
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes the CPU to spike at 100%. nghttp2 v1.41.0 fixes this vulnerability. There is a workaround to this vulnerability. Implement nghttp2_on_frame_recv_callback callback, and if received frame is SETTINGS...
|
Debian_linux, Fedora, Nghttp2, Node\.js, Leap, Banking_extensibility_workbench, Blockchain_platform, Enterprise_communications_broker, Graalvm, Mysql
|
7.5
|
|
|
|
2020-06-05
|
CVE-2020-10543
|
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
|
Fedora, Leap, Communications_billing_and_revenue_management, Communications_diameter_signaling_router, Communications_eagle_application_processor, Communications_eagle_lnp_application_processor, Communications_lsms, Communications_offline_mediation_controller, Communications_performance_intelligence_center, Communications_pricing_design_center, Configuration_manager, Enterprise_manager_base_platform, Sd\-Wan_edge, Tekelec_platform_distribution, Perl
|
8.2
|
|
|
|
2020-06-05
|
CVE-2020-10878
|
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection.
|
Fedora, Oncommand_workflow_automation, Snap_creator_framework, Leap, Communications_billing_and_revenue_management, Communications_diameter_signaling_router, Communications_eagle_application_processor, Communications_eagle_lnp_application_processor, Communications_lsms, Communications_offline_mediation_controller, Communications_performance_intelligence_center, Communications_pricing_design_center, Configuration_manager, Enterprise_manager_base_platform, Sd\-Wan_aware, Tekelec_platform_distribution, Perl
|
8.6
|
|
|
|
2020-06-09
|
CVE-2020-10761
|
An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a denial of service.
|
Ubuntu_linux, Leap, Qemu, Enterprise_linux
|
5.0
|
|
|
|
2020-06-15
|
CVE-2020-0543
|
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
|
Ubuntu_linux, Fedora, Celeron_1000m, Celeron_1005m, Celeron_1007u, Celeron_1017u, Celeron_1019y, Celeron_1020e, Celeron_1020m, Celeron_1037u, Celeron_1047ue, Celeron_2955u, Celeron_2957u, Celeron_2970m, Celeron_2980u, Celeron_2981u, Celeron_3755u, Celeron_3765u, Celeron_3855u, Celeron_3865u, Celeron_3955u, Celeron_3965u, Celeron_3965y, Celeron_5305u, Celeron_725c, Celeron_927ue, Celeron_g1610, Celeron_g1610t, Celeron_g1620, Celeron_g1620t, Celeron_g1630, Celeron_g1820, Celeron_g1820t, Celeron_g1830, Celeron_g1840, Celeron_g1840t, Celeron_g1850, Celeron_g3900, Celeron_g3900t, Celeron_g3900te, Celeron_g3902e, Celeron_g3920, Celeron_g3920t, Celeron_g3930e, Celeron_g3930te, Celeron_g3940, Celeron_g4900, Celeron_g4900t, Celeron_g4920, Celeron_g4930, Celeron_g4950, Core_4205u, Core_4410y, Core_4415y, Core_5405u, Core_8269u, Core_9300h, Core_9750hf, Core_i3\-2115c, Core_i3\-3110m, Core_i3\-3115c, Core_i3\-3120m, Core_i3\-3120me, Core_i3\-3130m, Core_i3\-3210, Core_i3\-3217u, Core_i3\-3217ue, Core_i3\-3220, Core_i3\-3220t, Core_i3\-3225, Core_i3\-3227u, Core_i3\-3229y, Core_i3\-3240, Core_i3\-3240t, Core_i3\-3245, Core_i3\-3250, Core_i3\-3250t, Core_i3\-4005u, Core_i3\-4010u, Core_i3\-4010y, Core_i3\-4012y, Core_i3\-4020y, Core_i3\-4025u, Core_i3\-4030u, Core_i3\-4030y, Core_i3\-4100m, Core_i3\-4100u, Core_i3\-4110m, Core_i3\-4120u, Core_i3\-4130, Core_i3\-4130t, Core_i3\-4150, Core_i3\-4150t, Core_i3\-4158u, Core_i3\-4160, Core_i3\-4160t, Core_i3\-4170, Core_i3\-4170t, Core_i3\-4330, Core_i3\-4330t, Core_i3\-4340, Core_i3\-4350, Core_i3\-4350t, Core_i3\-4360, Core_i3\-4360t, Core_i3\-4370, Core_i3\-4370t, Core_i3\-5005u, Core_i3\-5006u, Core_i3\-5010u, Core_i3\-5015u, Core_i3\-5020u, Core_i3\-5157u, Core_i3\-6100, Core_i3\-6100e, Core_i3\-6100h, Core_i3\-6100t, Core_i3\-6100te, Core_i3\-6100u, Core_i3\-6102e, Core_i3\-6110u, Core_i3\-6120, Core_i3\-6120t, Core_i3\-6167u, Core_i3\-6300, Core_i3\-6300t, Core_i3\-6320, Core_i3\-6320t, Core_i3\-7007u, Core_i3\-7020u, Core_i3\-7100e, Core_i3\-7100h, Core_i3\-7100u, Core_i3\-7101e, Core_i3\-7101te, Core_i3\-7102e, Core_i3\-7110u, Core_i3\-7120, Core_i3\-7120t, Core_i3\-7130u, Core_i3\-7167u, Core_i3\-7320t, Core_i3\-7340, Core_i3\-8000, Core_i3\-8000t, Core_i3\-8020, Core_i3\-8100, Core_i3\-8100h, Core_i3\-8100t, Core_i3\-8109u, Core_i3\-8120, Core_i3\-8130u, Core_i3\-8145u, Core_i3\-8300, Core_i3\-8300t, Core_i3\-8350k, Core_i3\-I3\-8100h, Core_i5\-10110y, Core_i5\-10210u, Core_i5\-10210y, Core_i5\-10310y, Core_i5\-3210m, Core_i5\-3230m, Core_i5\-3317u, Core_i5\-3320m, Core_i5\-3330, Core_i5\-3330s, Core_i5\-3337u, Core_i5\-3339y, Core_i5\-3340, Core_i5\-3340m, Core_i5\-3340s, Core_i5\-3350p, Core_i5\-3360m, Core_i5\-3380m, Core_i5\-3427u, Core_i5\-3437u, Core_i5\-3439y, Core_i5\-3450, Core_i5\-3450s, Core_i5\-3470, Core_i5\-3470s, Core_i5\-3470t, Core_i5\-3475s, Core_i5\-3550, Core_i5\-3550s, Core_i5\-3570, Core_i5\-3570k, Core_i5\-3570s, Core_i5\-3570t, Core_i5\-3610me, Core_i5\-4200u, Core_i5\-4200y, Core_i5\-4202y, Core_i5\-4210h, Core_i5\-4210u, Core_i5\-4210y, Core_i5\-4220y, Core_i5\-4250u, Core_i5\-4258u, Core_i5\-4260u, Core_i5\-4278u, Core_i5\-4288u, Core_i5\-4300u, Core_i5\-4300y, Core_i5\-4302y, Core_i5\-4308u, Core_i5\-4350u, Core_i5\-4402ec, Core_i5\-4430, Core_i5\-4430s, Core_i5\-4440, Core_i5\-4440s, Core_i5\-4460, Core_i5\-4460s, Core_i5\-4460t, Core_i5\-4570, Core_i5\-4570r, Core_i5\-4570s, Core_i5\-4570t, Core_i5\-4590, Core_i5\-4590s, Core_i5\-4590t, Core_i5\-4670, Core_i5\-4670k, Core_i5\-4670r, Core_i5\-4670s, Core_i5\-4670t, Core_i5\-4690, Core_i5\-4690s, Core_i5\-4690t, Core_i5\-5200u, Core_i5\-5250u, Core_i5\-5257u, Core_i5\-5287u, Core_i5\-5350, Core_i5\-5350u, Core_i5\-5575r, Core_i5\-5675c, Core_i5\-5675r, Core_i5\-6200u, Core_i5\-6210u, Core_i5\-6260u, Core_i5\-6267u, Core_i5\-6287u, Core_i5\-6300hq, Core_i5\-6300u, Core_i5\-6310u, Core_i5\-6350hq, Core_i5\-6360u, Core_i5\-6400, Core_i5\-6400t, Core_i5\-6440eq, Core_i5\-6440hq, Core_i5\-6442eq, Core_i5\-6500, Core_i5\-6500t, Core_i5\-6500te, Core_i5\-6600, Core_i5\-6600k, Core_i5\-6600t, Core_i5\-7200u, Core_i5\-7210u, Core_i5\-7260u, Core_i5\-7267u, Core_i5\-7287u, Core_i5\-7300hq, Core_i5\-7300u, Core_i5\-7360u, Core_i5\-7400, Core_i5\-7400t, Core_i5\-7440eq, Core_i5\-7440hq, Core_i5\-7442eq, Core_i5\-7500, Core_i5\-7500t, Core_i5\-7500u, Core_i5\-7600, Core_i5\-7600k, Core_i5\-7600t, Core_i5\-7640x, Core_i5\-7y54, Core_i5\-7y57_, Core_i5\-8200y, Core_i5\-8210y, Core_i5\-8250u, Core_i5\-8259u, Core_i5\-8265u, Core_i5\-8300h, Core_i5\-8305g, Core_i5\-8310y, Core_i5\-8350u, Core_i5\-8365u, Core_i5\-8400, Core_i5\-8400b, Core_i5\-8400h, Core_i5\-8400t, Core_i5\-8420, Core_i5\-8420t, Core_i5\-8500, Core_i5\-8500b, Core_i5\-8500t, Core_i5\-8550, Core_i5\-8600, Core_i5\-8600k, Core_i5\-8600t, Core_i5\-8650, Core_i5\-8650k, Core_i5\-9400, Core_i5\-9400f, Core_i5\-9400h, Core_i5\-9600k, Core_i5\-9600kf, Core_i7\-10510u, Core_i7\-10510y, Core_i7\-3517u, Core_i7\-3517ue, Core_i7\-3520m, Core_i7\-3537u, Core_i7\-3540m, Core_i7\-3555le, Core_i7\-3610qe, Core_i7\-3610qm, Core_i7\-3612qe, Core_i7\-3612qm, Core_i7\-3615qe, Core_i7\-3615qm, Core_i7\-3630qm, Core_i7\-3632qm, Core_i7\-3635qm, Core_i7\-3667u, Core_i7\-3687u, Core_i7\-3689y, Core_i7\-3720qm, Core_i7\-3740qm, Core_i7\-3770, Core_i7\-3770k, Core_i7\-3770s, Core_i7\-3770t, Core_i7\-3820qm, Core_i7\-3840qm_, Core_i7\-3920xm, Core_i7\-3940xm, Core_i7\-4500u, Core_i7\-4510u, Core_i7\-4550u, Core_i7\-4558u, Core_i7\-4578u, Core_i7\-4600u, Core_i7\-4610y, Core_i7\-4650u, Core_i7\-4700ec, Core_i7\-4700eq, Core_i7\-4700hq, Core_i7\-4700mq, Core_i7\-4702ec, Core_i7\-4702hq, Core_i7\-4702mq, Core_i7\-4710hq, Core_i7\-4710mq, Core_i7\-4712hq, Core_i7\-4712mq, Core_i7\-4720hq, Core_i7\-4722hq, Core_i7\-4750hq, Core_i7\-4760hq, Core_i7\-4765t, Core_i7\-4770, Core_i7\-4770hq, Core_i7\-4770k, Core_i7\-4770r, Core_i7\-4770s, Core_i7\-4770t, Core_i7\-4771, Core_i7\-4785t, Core_i7\-4790, Core_i7\-4790s, Core_i7\-4790t, Core_i7\-4800mq, Core_i7\-4810mq, Core_i7\-4850hq, Core_i7\-4860hq, Core_i7\-4870hq, Core_i7\-4900mq, Core_i7\-4910mq, Core_i7\-4950hq, Core_i7\-4960hq, Core_i7\-4980hq, Core_i7\-5500u, Core_i7\-5550u, Core_i7\-5557u, Core_i7\-5600u, Core_i7\-5650u, Core_i7\-5700eq, Core_i7\-5700hq, Core_i7\-5750hq, Core_i7\-5775c, Core_i7\-5775r, Core_i7\-5850eq, Core_i7\-5850hq, Core_i7\-5950hq, Core_i7\-6500u, Core_i7\-6510u, Core_i7\-6560u, Core_i7\-6567u, Core_i7\-6600u, Core_i7\-6650u, Core_i7\-6660u, Core_i7\-6700, Core_i7\-6700hq, Core_i7\-6700k, Core_i7\-6700t, Core_i7\-6700te, Core_i7\-6770hq, Core_i7\-6820eq, Core_i7\-6820hk, Core_i7\-6820hq, Core_i7\-6822eq, Core_i7\-6870hq, Core_i7\-6920hq, Core_i7\-6970hq, Core_i7\-7500u, Core_i7\-7510u, Core_i7\-7560u, Core_i7\-7567u, Core_i7\-7600u, Core_i7\-7660u, Core_i7\-7700, Core_i7\-7700hq, Core_i7\-7700k, Core_i7\-7700t, Core_i7\-7740x, Core_i7\-7820eq, Core_i7\-7820hk, Core_i7\-7820hq, Core_i7\-7920hq, Core_i7\-7y75, Core_i7\-8500y, Core_i7\-8510y, Core_i7\-8550u, Core_i7\-8557u, Core_i7\-8559u, Core_i7\-8560u, Core_i7\-8565u, Core_i7\-8569u, Core_i7\-8650u, Core_i7\-8665u, Core_i7\-8670, Core_i7\-8670t, Core_i7\-8700, Core_i7\-8700b, Core_i7\-8700k, Core_i7\-8700t, Core_i7\-8705g, Core_i7\-8706g, Core_i7\-8709g, Core_i7\-8750h, Core_i7\-8809g, Core_i7\-8850h, Core_i7\-9700k, Core_i7\-9700kf, Core_i7\-9850h, Core_i9\-8950hk, Core_i9\-9880h, Core_i9\-9900k, Core_i9\-9900kf, Core_i9\-9980hk, Core_m3\-6y30, Core_m3\-7y30, Core_m3\-8100y, Core_m5\-6y54, Core_m5\-6y57, Core_m7\-6y75, Core_m\-5y10, Core_m\-5y10a, Core_m\-5y10c, Core_m\-5y3, Core_m\-5y51, Core_m\-5y70, Core_m\-5y71, Pentium_1405_v2, Pentium_2020m_v2, Pentium_2030m_v2, Pentium_2117u_v2, Pentium_2127u_v2, Pentium_2129y_v2, Pentium_3205u, Pentium_3215u, Pentium_3556u, Pentium_3558u, Pentium_3560m, Pentium_3560y, Pentium_3561y, Pentium_3665u, Pentium_3765u, Pentium_3805u, Pentium_3825u, Pentium_4405u, Pentium_4405y, Pentium_4415u, Pentium_a1018_v2, Pentium_b915c, Pentium_b925c, Pentium_g2010_v2, Pentium_g2020_v2, Pentium_g2020t_v2, Pentium_g2030_v2, Pentium_g2030t_v2, Pentium_g2100t_v2, Pentium_g2120_v2, Pentium_g2120t_v2, Pentium_g2130_v2, Pentium_g2140_v2, Pentium_g3220, Pentium_g3220t, Pentium_g3240, Pentium_g3240t, Pentium_g3250, Pentium_g3250t, Pentium_g3258, Pentium_g3260, Pentium_g3260t, Pentium_g3420, Pentium_g3420t, Pentium_g3430, Pentium_g3440, Pentium_g3440t, Pentium_g3450, Pentium_g3450t, Pentium_g3460, Pentium_g3460t, Pentium_g3470, Pentium_g4400, Pentium_g4400t, Pentium_g4400te, Pentium_g4420, Pentium_g4420t, Pentium_g4500, Pentium_g4500t, Pentium_g4520, Pentium_g4520t, Pentium_g4540, Pentium_g5400, Pentium_g5400t, Pentium_g5420, Pentium_g5420t, Pentium_g5500, Pentium_g5500t, Pentium_g5600, Pentium_gold_6405u, Xeon_e3\-1105c, Xeon_e3\-1105c_v2, Xeon_e3\-1125c, Xeon_e3\-1125c_v2, Xeon_e3\-1220_v2, Xeon_e3\-1220_v3, Xeon_e3\-1220_v5, Xeon_e3\-1220_v6, Xeon_e3\-1220l_v2, Xeon_e3\-1220l_v3, Xeon_e3\-1221_v3, Xeon_e3\-1225_v2, Xeon_e3\-1225_v3, Xeon_e3\-1225_v5, Xeon_e3\-1225_v6, Xeon_e3\-1226_v3, Xeon_e3\-1230_v2, Xeon_e3\-1230_v3, Xeon_e3\-1230_v5, Xeon_e3\-1230_v6, Xeon_e3\-1230l_v3, Xeon_e3\-1231_v3, Xeon_e3\-1235_v2, Xeon_e3\-1235l_v5, Xeon_e3\-1240_v2, Xeon_e3\-1240_v3, Xeon_e3\-1240_v5, Xeon_e3\-1240_v6, Xeon_e3\-1240l_v3, Xeon_e3\-1240l_v5, Xeon_e3\-1241_v3, Xeon_e3\-1245_v2, Xeon_e3\-1245_v3, Xeon_e3\-1245_v5, Xeon_e3\-1245_v6, Xeon_e3\-1246_v3, Xeon_e3\-1258l_v4, Xeon_e3\-1260l_v5, Xeon_e3\-1265l, Xeon_e3\-1265l_v2, Xeon_e3\-1265l_v4, Xeon_e3\-1268l_v3, Xeon_e3\-1268l_v5, Xeon_e3\-1270, Xeon_e3\-1270_v2, Xeon_e3\-1270_v5, Xeon_e3\-1270_v6, Xeon_e3\-1271_v3, Xeon_e3\-1275_v2, Xeon_e3\-1275_v3, Xeon_e3\-1275_v5, Xeon_e3\-1275_v6, Xeon_e3\-1275l_v3, Xeon_e3\-1276_v3, Xeon_e3\-1278l_v4, Xeon_e3\-1280_v2, Xeon_e3\-1280_v3, Xeon_e3\-1280_v5, Xeon_e3\-1280_v6, Xeon_e3\-1281_v3, Xeon_e3\-1285_v3, Xeon_e3\-1285_v4, Xeon_e3\-1285_v6, Xeon_e3\-1285l_v3, Xeon_e3\-1286_v3, Xeon_e3\-1286l_v3, Xeon_e3\-1290_v2, Xeon_e3\-1501l_v6, Xeon_e3\-1501m_v6, Xeon_e3\-1505l_v5, Xeon_e3\-1505l_v6, Xeon_e3\-1505m_v5, Xeon_e3\-1505m_v6, Xeon_e3\-1515m_v5, Xeon_e3\-1535m_v5, Xeon_e3\-1535m_v6, Xeon_e3\-1545m_v5, Xeon_e3\-1558l_v5, Xeon_e3\-1565l_v5, Xeon_e3\-1575m_v5, Xeon_e3\-1578l_v5, Xeon_e3\-1585_v5, Xeon_e3\-1585l_v5, Xeon_e\-2124, Xeon_e\-2124g, Xeon_e\-2126g, Xeon_e\-2134, Xeon_e\-2136, Xeon_e\-2144g, Xeon_e\-2146g, Xeon_e\-2174g, Xeon_e\-2176g, Xeon_e\-2176m, Xeon_e\-2184g, Xeon_e\-2186g, Xeon_e\-2186m, Xeon_e\-2224, Xeon_e\-2224g, Xeon_e\-2226g, Xeon_e\-2226ge, Xeon_e\-2234, Xeon_e\-2236, Xeon_e\-2244g, Xeon_e\-2246g, Xeon_e\-2254me, Xeon_e\-2254ml, Xeon_e\-2274g, Xeon_e\-2276g, Xeon_e\-2276m, Xeon_e\-2276me, Xeon_e\-2276ml, Xeon_e\-2278g, Xeon_e\-2278ge, Xeon_e\-2278gel, Xeon_e\-2284g, Xeon_e\-2286m, Xeon_e\-2288g, Threat_intelligence_exchange_server, Leap, Simatic_field_pg_m4_firmware, Simatic_field_pg_m5_firmware, Simatic_field_pg_m6_firmware, Simatic_ipc3000_smart_firmware, Simatic_ipc347e_firmware, Simatic_ipc427d_firmware, Simatic_ipc427e_firmware, Simatic_ipc477d_firmware, Simatic_ipc477e_firmware, Simatic_ipc477e_pro_firmware, Simatic_ipc527g_firmware, Simatic_ipc547e_firmware, Simatic_ipc547g_firmware, Simatic_ipc627d_firmware, Simatic_ipc627e_firmware, Simatic_ipc647d_firmware, Simatic_ipc647e_firmware, Simatic_ipc677d_firmware, Simatic_ipc677e_firmware, Simatic_ipc827d_firmware, Simatic_ipc847d_firmware, Simatic_ipc847e_firmware, Simatic_itp1000_firmware, Simotion_p320\-4e_firmware, Simotion_p320\-4s_firmware
|
5.5
|
|
|
|
2020-06-17
|
CVE-2018-21247
|
An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
|
Ubuntu_linux, Debian_linux, Libvncserver, Leap, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware
|
7.5
|
|
|
|
2020-06-17
|
CVE-2019-20839
|
libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
|
Ubuntu_linux, Debian_linux, Libvncserver, Leap, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware
|
7.5
|
|
|
|
2020-06-17
|
CVE-2019-20840
|
An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
|
Ubuntu_linux, Debian_linux, Libvncserver, Leap, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware
|
7.5
|
|
|
|
2020-06-18
|
CVE-2017-9108
|
An issue was discovered in adns before 1.5.2. adnshost mishandles a missing final newline on a stdin read. It is wrong to increment used as well as setting r, since used is incremented according to r, later. Rather one should be doing what read() would have done. Without this fix, adnshost may read and process one byte beyond the buffer, perhaps crashing or perhaps somehow leaking the value of that byte.
|
Fedora, Adns, Leap
|
7.5
|
|
|
|
2020-06-18
|
CVE-2017-9109
|
An issue was discovered in adns before 1.5.2. It fails to ignore apparent answers before the first RR that was found the first time. when this is fixed, the second answer scan finds the same RRs at the first. Otherwise, adns can be confused by interleaving answers for the CNAME target, with the CNAME itself. In that case the answer data structure (on the heap) can be overrun. With this fixed, it prefers to look only at the answer RRs which come after the CNAME, which is at least arguably correct.
|
Fedora, Adns, Leap
|
9.8
|
|
|