Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-20688

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-07 Dec, 2022 | 16:54
Updated At-03 Aug, 2024 | 02:17
Rejected At-
Credits

A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause Cisco Discovery Protocol service to restart. This vulnerability is due to missing length validation of certain Cisco Discovery Protocol packet header fields. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute code on the affected device and cause Cisco Discovery Protocol to restart unexpectedly, resulting in a DoS condition.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:07 Dec, 2022 | 16:54
Updated At:03 Aug, 2024 | 02:17
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause Cisco Discovery Protocol service to restart. This vulnerability is due to missing length validation of certain Cisco Discovery Protocol packet header fields. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute code on the affected device and cause Cisco Discovery Protocol to restart unexpectedly, resulting in a DoS condition.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Analog Telephone Adaptor (ATA) Software
Versions
Affected
  • 1.2.1
  • 1.2.2 SR1
  • 1.2.2
  • 1.2.2 SR2
  • 11.1.0 MSR4
  • 11.1.0
  • 11.1.0 MSR1
  • 11.1.0 MSR2
  • 11.1.0 MSR3
  • 1.1.0
  • 1.1.1
  • 1.1.2
  • 12.0.1 SR2
  • 12.0.1
  • 12.0.1 SR1
  • 12.0.1 SR3
  • 12.0.1 SR4
  • 11.2.1
Problem Types
TypeCWE IDDescription
cweCWE-125Out-of-bounds Read
Type: cwe
CWE ID: CWE-125
Description: Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs
Resource: N/A
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs
x_transferred
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:ykramarz@cisco.com
Published At:12 Dec, 2022 | 09:15
Updated At:25 Jan, 2024 | 17:15

A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device and cause Cisco Discovery Protocol service to restart. This vulnerability is due to missing length validation of certain Cisco Discovery Protocol packet header fields. An attacker could exploit these vulnerabilities by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute code on the affected device and cause Cisco Discovery Protocol to restart unexpectedly, resulting in a DoS condition.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Secondary3.15.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Type: Primary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Type: Secondary
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CPE Matches
Cisco Systems, Inc.
cisco
>>ata_190_firmware>>-
cpe:2.3:o:cisco:ata_190_firmware:-:*:*:*:on-premises:*:*:*
Cisco Systems, Inc.
cisco
>>ata_190>>-
cpe:2.3:h:cisco:ata_190:-:*:*:*:on-premises:*:*:*
Cisco Systems, Inc.
cisco
>>ata_191_firmware>>Versions before 11.2.2(exclusive)
cpe:2.3:o:cisco:ata_191_firmware:*:*:*:*:multiplatform:*:*:*
Cisco Systems, Inc.
cisco
>>ata_191>>-
cpe:2.3:h:cisco:ata_191:-:*:*:*:multiplatform:*:*:*
Cisco Systems, Inc.
cisco
>>ata_191_firmware>>Versions before 12.0.1(exclusive)
cpe:2.3:o:cisco:ata_191_firmware:*:*:*:*:on-premises:*:*:*
Cisco Systems, Inc.
cisco
>>ata_191_firmware>>12.0.1
cpe:2.3:o:cisco:ata_191_firmware:12.0.1:-:*:*:on-premises:*:*:*
Cisco Systems, Inc.
cisco
>>ata_191_firmware>>12.0.1
cpe:2.3:o:cisco:ata_191_firmware:12.0.1:sr1:*:*:on-premises:*:*:*
Cisco Systems, Inc.
cisco
>>ata_191_firmware>>12.0.1
cpe:2.3:o:cisco:ata_191_firmware:12.0.1:sr2:*:*:on-premises:*:*:*
Cisco Systems, Inc.
cisco
>>ata_191_firmware>>12.0.1
cpe:2.3:o:cisco:ata_191_firmware:12.0.1:sr3:*:*:on-premises:*:*:*
Cisco Systems, Inc.
cisco
>>ata_191_firmware>>12.0.1
cpe:2.3:o:cisco:ata_191_firmware:12.0.1:sr4:*:*:on-premises:*:*:*
Cisco Systems, Inc.
cisco
>>ata_191>>-
cpe:2.3:h:cisco:ata_191:-:*:*:*:on-premises:*:*:*
Cisco Systems, Inc.
cisco
>>ata_192_firmware>>Versions before 11.2.2(exclusive)
cpe:2.3:o:cisco:ata_192_firmware:*:*:*:*:multiplatform:*:*:*
Cisco Systems, Inc.
cisco
>>ata_192>>-
cpe:2.3:h:cisco:ata_192:-:*:*:*:multiplatform:*:*:*
Weaknesses
CWE IDTypeSource
CWE-1284Primarynvd@nist.gov
CWE-125Secondaryykramarz@cisco.com
CWE ID: CWE-1284
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-125
Type: Secondary
Source: ykramarz@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvsykramarz@cisco.com
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs
Source: ykramarz@cisco.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

119Records found
CVE-2020-1824
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-3.7||LOW
EPSS-0.05% / 16.42%
||
7 Day CHG~0.00%
Published-28 Dec, 2024 | 06:37
Updated-13 Jan, 2025 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg6000vnip6300_firmwareips_modulesecospace_usg6600_firmwareips_module_firmwarengfw_module_firmwaresecospace_usg6500_firmwareusg6000v_firmwaresecospace_usg6300secospace_usg6500ngfw_modulesecospace_usg6600nip6600nip6800_firmwarenip6300secospace_usg6300_firmwarenip6800nip6600_firmwareNIP6600NGFW ModuleSecospace USG6300NIP6300NIP6800Secospace USG6600USG6000VIPS ModuleSecospace USG6500
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-32399
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.09% / 26.17%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 07:05
Updated-13 May, 2025 | 20:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Unchecked Input for Loop Condition in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to cause IO devices that use the library to enter an infinite loop by sending a malicious RPC packet.

Action-Not Available
Vendor-rt-labsRT-Labs
Product-p-netP-Net
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CWE ID-CWE-606
Unchecked Input for Loop Condition
CVE-2022-23937
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.18% / 40.36%
||
7 Day CHG~0.00%
Published-29 Mar, 2022 | 01:21
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario.

Action-Not Available
Vendor-windrivern/a
Product-vxworksn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-1819
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-3.7||LOW
EPSS-0.05% / 16.42%
||
7 Day CHG~0.00%
Published-27 Dec, 2024 | 10:05
Updated-10 Jan, 2025 | 20:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-secospace_usg6300_firmwaresecospace_usg6600_firmwarenip6800usg6000vngfw_modulengfw_module_firmwareips_module_firmwaresecospace_usg6300secospace_usg6500ips_modulenip6600_firmwareusg6000v_firmwarenip6300secospace_usg6500_firmwarenip6800_firmwarenip6600nip6300_firmwaresecospace_usg6600Secospace USG6600USG6000VNIP6600NGFW ModuleNIP6300Secospace USG6300Secospace USG6500NIP6800IPS Module
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-1822
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-3.7||LOW
EPSS-0.05% / 16.42%
||
7 Day CHG~0.00%
Published-28 Dec, 2024 | 06:21
Updated-13 Jan, 2025 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg6000vnip6300_firmwareips_modulesecospace_usg6600_firmwareips_module_firmwarengfw_module_firmwaresecospace_usg6500_firmwareusg6000v_firmwaresecospace_usg6300secospace_usg6500ngfw_modulesecospace_usg6600nip6600nip6800_firmwarenip6300secospace_usg6300_firmwarenip6800nip6600_firmwareNIP6600NGFW ModuleSecospace USG6300NIP6300NIP6800Secospace USG6600USG6000VIPS ModuleSecospace USG6500
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-17507
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-2.60% / 85.03%
||
7 Day CHG~0.00%
Published-12 Aug, 2020 | 17:35
Updated-04 Aug, 2024 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.

Action-Not Available
Vendor-qtn/aDebian GNU/LinuxFedora Project
Product-qtdebian_linuxfedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-1830
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.24% / 47.59%
||
7 Day CHG~0.00%
Published-17 Feb, 2020 | 23:35
Updated-04 Aug, 2024 | 06:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have a vulnerability that a memory management error exists when IPSec Module handing a specific message. This causes 1 byte out-of-bound read, compromising normal service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg9500_firmwaresecospace_usg6600nip6800_firmwarenip6800secospace_usg6600_firmwareusg9500NIP6800Secospace USG6600, USG9500
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-1820
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-3.7||LOW
EPSS-0.05% / 16.42%
||
7 Day CHG~0.00%
Published-28 Dec, 2024 | 06:11
Updated-13 Jan, 2025 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg6000vnip6300_firmwareips_modulesecospace_usg6600_firmwareips_module_firmwarengfw_module_firmwaresecospace_usg6500_firmwareusg6000v_firmwaresecospace_usg6300secospace_usg6500ngfw_modulesecospace_usg6600nip6600nip6800_firmwarenip6300secospace_usg6300_firmwarenip6800nip6600_firmwareNIP6600NGFW ModuleSecospace USG6300NIP6300NIP6800Secospace USG6600USG6000VIPS ModuleSecospace USG6500
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-1823
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-3.7||LOW
EPSS-0.05% / 16.42%
||
7 Day CHG~0.00%
Published-28 Dec, 2024 | 06:29
Updated-13 Jan, 2025 | 18:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg6000vnip6300_firmwareips_modulesecospace_usg6600_firmwareips_module_firmwarengfw_module_firmwaresecospace_usg6500_firmwareusg6000v_firmwaresecospace_usg6300secospace_usg6500ngfw_modulesecospace_usg6600nip6600nip6800_firmwarenip6300secospace_usg6300_firmwarenip6800nip6600_firmwareNIP6600NGFW ModuleSecospace USG6300NIP6300NIP6800Secospace USG6600USG6000VIPS ModuleSecospace USG6500
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-1821
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-3.7||LOW
EPSS-0.05% / 16.42%
||
7 Day CHG~0.00%
Published-28 Dec, 2024 | 06:16
Updated-13 Jan, 2025 | 18:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-usg6000vnip6300_firmwareips_modulesecospace_usg6600_firmwareips_module_firmwarengfw_module_firmwaresecospace_usg6500_firmwareusg6000v_firmwaresecospace_usg6300secospace_usg6500ngfw_modulesecospace_usg6600nip6600nip6800_firmwarenip6300secospace_usg6300_firmwarenip6800nip6600_firmwareNIP6600NGFW ModuleSecospace USG6300NIP6300NIP6800Secospace USG6600USG6000VIPS ModuleSecospace USG6500
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-1818
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-3.7||LOW
EPSS-0.05% / 16.42%
||
7 Day CHG~0.00%
Published-27 Dec, 2024 | 10:02
Updated-10 Jan, 2025 | 20:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-secospace_usg6300_firmwaresecospace_usg6600_firmwarenip6800usg6000vngfw_modulengfw_module_firmwareips_module_firmwaresecospace_usg6300secospace_usg6500ips_modulenip6600_firmwareusg6000v_firmwarenip6300secospace_usg6500_firmwarenip6800_firmwarenip6600nip6300_firmwaresecospace_usg6600Secospace USG6600USG6000VNIP6600NGFW ModuleNIP6300Secospace USG6300Secospace USG6500NIP6800IPS Module
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-45682
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.02% / 4.17%
||
7 Day CHG~0.00%
Published-20 Oct, 2023 | 23:27
Updated-12 Sep, 2024 | 13:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wild address read in vorbis_decode_packet_rest in stb_vorbis

stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds read in `DECODE` macro when `var` is negative. As it can be seen in the definition of `DECODE_RAW` a negative `var` is a valid value. This issue may be used to leak internal memory allocation information.

Action-Not Available
Vendor-nothingsnothingsnothings
Product-stb_vorbis.cstbstb
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-26421
Matching Score-4
Assigner-GitLab Inc.
ShareView Details
Matching Score-4
Assigner-GitLab Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.22% / 44.22%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 17:25
Updated-04 Aug, 2024 | 15:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

Action-Not Available
Vendor-Wireshark FoundationOracle CorporationDebian GNU/LinuxFedora Project
Product-wiresharkdebian_linuxzfs_storage_appliance_kitfedoraWireshark
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-8508
Matching Score-4
Assigner-NLnet Labs
ShareView Details
Matching Score-4
Assigner-NLnet Labs
CVSS Score-5.3||MEDIUM
EPSS-0.54% / 66.57%
||
7 Day CHG~0.00%
Published-03 Oct, 2024 | 16:27
Updated-17 Dec, 2024 | 19:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unbounded name compression could lead to Denial of Service

NLnet Labs Unbound up to and including version 1.21.0 contains a vulnerability when handling replies with very large RRsets that it needs to perform name compression for. Malicious upstreams responses with very large RRsets can cause Unbound to spend a considerable time applying name compression to downstream replies. This can lead to degraded performance and eventually denial of service in well orchestrated attacks. The vulnerability can be exploited by a malicious actor querying Unbound for the specially crafted contents of a malicious zone with very large RRsets. Before Unbound replies to the query it will try to apply name compression which was an unbounded operation that could lock the CPU until the whole packet was complete. Unbound version 1.21.1 introduces a hard limit on the number of name compression calculations it is willing to do per packet. Packets that need more compression will result in semi-compressed packets or truncated packets, even on TCP for huge messages, to avoid locking the CPU for long. This change should not affect normal DNS traffic.

Action-Not Available
Vendor-nlnetlabsNLnet LabsnlnetlabsDebian GNU/Linux
Product-unbounddebian_linuxUnboundunbound
CWE ID-CWE-606
Unchecked Input for Loop Condition
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2020-11912
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.59% / 80.88%
||
7 Day CHG~0.00%
Published-17 Jun, 2020 | 10:56
Updated-04 Aug, 2024 | 11:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read.

Action-Not Available
Vendor-treckn/a
Product-tcp\/ipn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-39356
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.14% / 35.46%
||
7 Day CHG~0.00%
Published-31 Aug, 2023 | 20:50
Updated-10 Apr, 2025 | 21:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing offset validation leading to Out-of-Bounds Read in FreeRDP

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function `gdi_multi_opaque_rect`. In particular there is no code to validate if the value `multi_opaque_rect->numRectangles` is less than 45. Looping through `multi_opaque_rect->`numRectangles without proper boundary checks can lead to Out-of-Bounds Read errors which will likely lead to a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Action-Not Available
Vendor-FreeRDPFedora ProjectDebian GNU/Linux
Product-freerdpfedoradebian_linuxFreeRDP
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33285
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-0.09% / 25.97%
||
7 Day CHG-0.01%
Published-22 May, 2023 | 00:00
Updated-21 Jan, 2025 | 15:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Qt 5.x before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. QDnsLookup has a buffer over-read via a crafted reply from a DNS server.

Action-Not Available
Vendor-qtn/a
Product-qtn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-46891
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-6.9||MEDIUM
EPSS-0.19% / 40.95%
||
7 Day CHG+0.02%
Published-12 Nov, 2024 | 12:49
Updated-20 Aug, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logged events to exhaust the system's resources and create a denial of service condition.

Action-Not Available
Vendor-Siemens AG
Product-sinec_insSINEC INSsinec_ins
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-32669
Matching Score-4
Assigner-Samsung TV & Appliance
ShareView Details
Matching Score-4
Assigner-Samsung TV & Appliance
CVSS Score-5.3||MEDIUM
EPSS-0.23% / 45.71%
||
7 Day CHG~0.00%
Published-09 May, 2024 | 06:02
Updated-02 Aug, 2024 | 02:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Possible stack overflow due to a string encoding processing error

Improper Input Validation vulnerability in Samsung Open Source escargot JavaScript engine allows Overflow Buffers. However, it occurs in the test code and does not include in the release. This issue affects escargot: 4.0.0.

Action-Not Available
Vendor-Samsung Open Sourcesamsung_open_source
Product-Escargotescargot
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found