How severe is CVE-2020-9894?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2020-9894?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2020-9894

MEDIUM Year: 2020

CVSS v3 Score

4.3

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-125

View all →

Vulnerability Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2, iTunes 12.10.8 for Windows, iCloud for Windows 11.3, iCloud for Windows 7.20. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.

CVE-2016-10208

MEDIUM

CVSS:4.3(Medium)

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service...

CWE-1252016

CVE-2017-17182

MEDIUM

CVSS:4.3(Medium)

Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R...

CWE-1252017

CVE-2017-17185

MEDIUM

CVSS:4.3(Medium)

CWE-1252017

CVE-2017-17281

MEDIUM

CVSS:4.3(Medium)

SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V60...

CWE-1252017

CVE-2018-16427

MEDIUM

CVSS:4.3(Medium)

Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs.

CWE-1252018

CVE-2018-16866

MEDIUM

CVSS:4.3(Medium)

An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions...

CWE-1252018

CVE-2020-9894

Vulnerability Description

Related Vulnerabilities

CVE-2016-10208

CVE-2017-17182

CVE-2017-17185

CVE-2017-17281

CVE-2018-16427

CVE-2018-16866