» 2020 » 2월

CVE-2020-9432

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-9432

openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.

Source: CVE-2020-9432

CVE-2020-9431

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-9431

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.

Source: CVE-2020-9431

CVE-2020-6418

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-6418

Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Source: CVE-2020-6418

CVE-2020-6407

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-6407

Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Source: CVE-2020-6407

CVE-2020-6384

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-6384

Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Source: CVE-2020-6384

CVE-2020-6386

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-6386

Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Source: CVE-2020-6386

CVE-2020-6383

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-6383

Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Source: CVE-2020-6383

CVE-2020-9428

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-9428

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.

Source: CVE-2020-9428

CVE-2020-9430

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-9430

In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.

Source: CVE-2020-9430

CVE-2020-9429

Posted on 2020년 2월 28일2020년 2월 28일 by admin

CVE-2020-9429

In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a NULL value.

Source: CVE-2020-9429