How severe is CVE-2020-27484?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.9 out of 10.

What type of vulnerability is CVE-2020-27484?

This is classified as CWE-190, which is a common weakness in software security.

CVE-2020-27484

CRITICAL Year: 2020

CVSS v3 Score

9.9

Critical

CVSS v2 Score

6.5

Medium

Weakness Type

CWE-190

View all →

Vulnerability Description

Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check for overflow when allocating the array for the NEWA instruction. This a constrained read/write primitive across the entire MAX32630 address space. A successful exploit would allow a ConnectIQ app store application to escape and perform activities outside the restricted application execution environment.

CVE-2022-1699

CRITICAL

CVSS:9.9(Critical)

Uncontrolled Resource Consumption in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resou...

CWE-1902022

CVE-2002-0391

CRITICAL

CVSS:9.8(Critical)

Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by...

CWE-1902002

CVE-2002-0639

CRITICAL

CVSS:9.8(Critical)

Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using...

CWE-1902002

CVE-2005-0102

CRITICAL

CVSS:9.8(Critical)

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte ...

CWE-1902005

CVE-2005-1141

CRITICAL

CVSS:9.8(Critical)

Integer overflow in the readpgm function in pnm.c for GOCR 0.40, when using the netpbm library, allows remote attackers to execute arbitrary code via a PNM file with large width and height values, whi...

CWE-1902005

CVE-2005-1513

CRITICAL

CVSS:9.8(Critical)

Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly ...

CWE-1902005

CVE-2020-27484

Vulnerability Description

Related Vulnerabilities

CVE-2022-1699

CVE-2002-0391

CVE-2002-0639

CVE-2005-0102

CVE-2005-1141

CVE-2005-1513