Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2020-06-05 CVE-2020-10071 Classic Buffer Overflow vulnerability in Zephyrproject Zephyr
The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution.
network
low complexity
zephyrproject CWE-120
7.5
7.5
2020-06-05 CVE-2020-10070 Classic Buffer Overflow vulnerability in Zephyrproject Zephyr
In the Zephyr Project MQTT code, improper bounds checking can result in memory corruption and possibly remote code execution.
network
low complexity
zephyrproject CWE-120
7.5
7.5
2020-06-05 CVE-2020-10062 Off-by-one Error vulnerability in Zephyrproject Zephyr
An off-by-one error in the Zephyr project MQTT packet length decoder can result in memory corruption and possible remote code execution.
network
low complexity
zephyrproject CWE-193
7.5
7.5
2020-06-05 CVE-2020-4229 Session Fixation vulnerability in IBM Mobile Foundation 8.0.0.0
IBM Worklight/MobileFoundation 8.0.0.0 does not properly invalidate session cookies when a user logs out of a session, which could allow another user to gain unauthorized access to a user's session.
network
low complexity
ibm CWE-384
7.5
7.5
2020-06-05 CVE-2020-9859 Double Free vulnerability in Apple products
A memory consumption issue was addressed with improved memory handling.
local
low complexity
apple CWE-415
7.8
7.8
2020-06-05 CVE-2020-12723 Classic Buffer Overflow vulnerability in multiple products
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
network
low complexity
perl netapp fedoraproject opensuse oracle CWE-120
7.5
7.5
2020-06-05 CVE-2020-11492 Race Condition vulnerability in Docker Desktop
An issue was discovered in Docker Desktop through 2.2.0.5 on Windows.
local
low complexity
docker CWE-362
7.2
7.2
2020-06-05 CVE-2020-10878 Integer Overflow or Wraparound vulnerability in multiple products
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation.
network
low complexity
perl fedoraproject opensuse netapp oracle CWE-190
8.6
8.6
2020-06-05 CVE-2020-10543 Integer Overflow or Wraparound vulnerability in multiple products
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
network
low complexity
perl fedoraproject opensuse oracle CWE-190
8.2
8.2
2020-06-05 CVE-2020-13840 Classic Buffer Overflow vulnerability in Google Android
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets).
network
low complexity
google CWE-120
7.5
7.5