Security Vulnerabilities - CVEs Published In July 2020
Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130
CVSS Score
7.8
EPSS Score
0.001
Published
2020-07-30
Use-after-free issue could occur due to dangling pointer when generating a frame buffer in OpenGL ES in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, Nicobar, QCM2150, QCS405, Saipan, SDM845, SM8150, SM8250, SXR2130
CVSS Score
9.8
EPSS Score
0.003
Published
2020-07-30
This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution.
CVSS Score
7.5
EPSS Score
0.041
Published
2020-07-30
Global TechStream (GTS) for TOYOTA dealers version 15.10.032 and earlier allows an attacker to cause a denial-of-service (DoS) condition and execute arbitrary code via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.002
Published
2020-07-30
The seafile-client client 7.0.8 for Seafile is vulnerable to DLL hijacking because it loads exchndl.dll from the current working directory.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-07-29
libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.
CVSS Score
5.9
EPSS Score
0.017
Published
2020-07-29
beroNet VoIP Gateways before 3.0.16 have a PHP script that allows downloading arbitrary files, including ones with credentials.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-07-29
In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.
CVSS Score
6.4
EPSS Score
0.0
Published
2020-07-29
Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to CPU exhaustion due to an infinite loop in the TR-069 service. Unauthenticated remote attackers can trigger this case by sending a one character TCP message to the TR-069 service.
CVSS Score
7.5
EPSS Score
0.022
Published
2020-07-29
Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to a denial of service attack against the TR-069 service. An unauthenticated remote attacker can stop the service due to a NULL pointer dereference in the TR-069 service. This condition is triggered due to mishandling of the HTTP Authentication field.
CVSS Score
7.5
EPSS Score
0.014
Published
2020-07-29