CVE-2020-36602

MEDIUM Year: 2020
CVSS v3 Score
6.1
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause out-of-bounds read and write.

Related Vulnerabilities

CVE-2017-8182

MEDIUM
CVSS:6.1(Medium)

MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a out-of-bound read vulnerability. An attacker tricks a user int...

CWE-1252017

CVE-2020-3986

MEDIUM
CVSS:6.1(Medium)

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). A malicious actor with normal acces...

CWE-1252020

CVE-2020-3987

MEDIUM
CVSS:6.1(Medium)

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser). A malicious actor wit...

CWE-1252020

CVE-2020-3988

MEDIUM
CVSS:6.1(Medium)

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser). A malicious actor with normal ...

CWE-1252020

CVE-2020-9726

MEDIUM
CVSS:6.1(Medium)

Adobe FrameMaker version 2019.0.6 (and earlier versions) has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or d...

CWE-1252020

CVE-2021-1094

MEDIUM
CVSS:6.1(Medium)

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an out of bounds array access may lead to denial of ser...

CWE-1252021