CVE-2020-7455

MEDIUM Year: 2020
CVSS v3 Score
5.5
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-772
View all →

Vulnerability Description

In FreeBSD 12.1-STABLE before r360973, 12.1-RELEASE before p5, 11.4-STABLE before r360973, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, the FTP packet handler in libalias incorrectly calculates some packet length allowing disclosure of small amounts of kernel (for kernel NAT) or natd process space (for userspace natd).

Related Vulnerabilities

CVE-2011-1488

MEDIUM
CVSS:5.5(Medium)

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when $RepeatedMsgReduction was enabled. A local attacker could use this flaw to cause a denial of th...

CWE-7722011

CVE-2011-1489

MEDIUM
CVSS:5.5(Medium)

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages were logged when multiple rulesets were used and some output batches contained messages belonging to more than ...

CWE-7722011

CVE-2011-1490

MEDIUM
CVSS:5.5(Medium)

A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are logged when multiple rulesets were used and some output batches contained messages belonging to more than o...

CWE-7722011

CVE-2011-2498

MEDIUM
CVSS:5.5(Medium)

The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.

CWE-7722011

CVE-2017-0697

MEDIUM
CVSS:5.5(Medium)

A denial of service vulnerability in the Android media framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37239013.

CWE-7722017

CVE-2017-0726

MEDIUM
CVSS:5.5(Medium)

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36389123.

CWE-7722017