August 2023 – Page 211 – WindowsTechs.com

CVE-2020-22217 (c-ares)

Posted on August 22, 2023 by National Vulnerability Database

Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. Continue reading CVE-2020-22217 (c-ares)→

CVE-2020-24294 (freeimage)

Posted on August 22, 2023 by National Vulnerability Database

Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to cuase a denial of service via opening of crafted psd file. Continue reading CVE-2020-24294 (freeimage)→

CVE-2020-22218 (libssh2)

Posted on August 22, 2023 by National Vulnerability Database

An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory. Continue reading CVE-2020-22218 (libssh2)→

CVE-2020-25887 (mongoose)

Posted on August 22, 2023 by National Vulnerability Database

Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file. Continue reading CVE-2020-25887 (mongoose)→

CVE-2020-22524 (freeimage)

Posted on August 22, 2023 by National Vulnerability Database

Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allows attackers to cuase a denial of service via crafted PFM file. Continue reading CVE-2020-22524 (freeimage)→

CVE-2020-22916 (xz)

Posted on August 22, 2023 by National Vulnerability Database

An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of crafted file. Continue reading CVE-2020-22916 (xz)→

CVE-2020-22628 (libraw)

Posted on August 22, 2023 by National Vulnerability Database

Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp. Continue reading CVE-2020-22628 (libraw)→

CVE-2020-24295 (freeimage)

Posted on August 22, 2023 by National Vulnerability Database

Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd file. Continue reading CVE-2020-24295 (freeimage)→

CVE-2020-23992 (nagios_xi)

Posted on August 22, 2023 by National Vulnerability Database

Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote attackers to run arbitrary code via returnUrl parameter in a crafted GET request. Continue reading CVE-2020-23992 (nagios_xi)→

CVE-2020-24292 (freeimage)

Posted on August 22, 2023 by National Vulnerability Database

Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file. Continue reading CVE-2020-24292 (freeimage)→