CVE-2020-8937

LOW Year: 2020
CVSS v3 Score
3.3
Low
CVSS v2 Score
2.1
Low
Weakness Type
CWE-120
View all →

Vulnerability Description

An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_untrusted_create_wait_queue that uses a pointer queue that relies on UntrustedLocalMemcpy, which fails to validate where the pointer is located. This allows an attacker to write memory values from within the enclave. We recommend upgrading past commit a37fb6a0e7daf30134dbbf357c9a518a1026aa02

Related Vulnerabilities

CVE-2019-8842

LOW
CVSS:3.3(Low)

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain conf...

CWE-1202019

CVE-2020-14354

LOW
CVSS:3.3(Low)

A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. This flaw possibly allows an attacker to crash the service th...

CWE-1202020

CVE-2020-18974

LOW
CVSS:3.3(Low)

Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147.

CWE-1202020

CVE-2020-21428

LOW
CVSS:3.3(Low)

Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.

CWE-1202020

CVE-2020-27818

LOW
CVSS:3.3(Low)

A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low ris...

CWE-1202020

CVE-2021-22305

LOW
CVSS:3.3(Low)

There is a buffer overflow vulnerability in Mate 30 10.1.0.126(C00E125R5P3). A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending mal...

CWE-1202021