Search

Search Results (362833 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-25071 1 Niftypm 1 Nifty 2024-11-21 5.4 Medium
Nifty Project Management Web Application 2020-08-26 allows XSS, via Add Task, that is rendered upon a Project Home visit. Note: It has been argued that this is not reproducible. "The original issue was that the task would be created and an alert would be shown on the screen. Now the task would be created, but the alert won't be executed as those attributes are now stripped.
CVE-2020-25070 1 Usvn 1 Usvn 2024-11-21 8.8 High
USVN (aka User-friendly SVN) before 1.0.10 allows CSRF, related to the lack of the SameSite Strict feature.
CVE-2020-25069 1 Usvn 1 Usvn 2024-11-21 9.8 Critical
USVN (aka User-friendly SVN) before 1.0.10 allows attackers to execute arbitrary code in the commit view.
CVE-2020-25068 1 Setelsa-security 1 Conacwin 2024-11-21 7.5 High
Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. This vulnerability allows a remote unauthenticated attacker to read internal files on the server via an http:IP:PORT/../../path/file_to_disclose Directory Traversal URI. NOTE: The manufacturer indicated that the affected version does not exist. Furthermore, they indicated that they detected this problem in an internal audit more than 3 years ago and fixed it in 2017.
CVE-2020-25067 1 Netgear 2 R8300, R8300 Firmware 2024-11-21 9.6 Critical
NETGEAR R8300 devices before 1.0.2.134 are affected by command injection by an unauthenticated attacker.
CVE-2020-25066 1 Treck 1 Tcp\/ip 2024-11-21 10 Critical
A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.
CVE-2020-25065 1 Google 1 Android 2024-11-21 7.5 High
An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Key logging may occur because of an obsolete API. The LG ID is LVE-SMP-170010 (August 2020).
CVE-2020-25064 1 Google 1 Android 2024-11-21 7.5 High
An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Certain automated testing is mishandled. The LG ID is LVE-SMP-200019 (August 2020).
CVE-2020-25063 1 Google 1 Android 2024-11-21 7.5 High
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. An application crash can occur because of incorrect application-level input validation. The LG ID is LVE-SMP-200018 (July 2020).
CVE-2020-25062 1 Google 1 Android 2024-11-21 9.8 Critical
An issue was discovered on LG mobile devices with Android OS 9 and 10 software. LGTelephonyProvider allows a bypass of intended privilege restrictions. The LG ID is LVE-SMP-200017 (July 2020).
CVE-2020-25061 1 Google 1 Android 2024-11-21 9.8 Critical
An issue was discovered on LG mobile devices with Android OS 9 and 10 software on the VZW network. lge_property allows property overwrites. The LG ID is LVE-SMP-200016 (July 2020).
CVE-2020-25060 1 Google 1 Android 2024-11-21 7.8 High
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. Local users can gain privileges because of LAF and SBL1 flaws. The LG ID is LVE-SMP-200015 (July 2020).
CVE-2020-25059 1 Google 1 Android 2024-11-21 7.5 High
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A service crash may occur because of incorrect input validation. The LG ID is LVE-SMP-200013 (July 2020).
CVE-2020-25058 1 Google 1 Android 2024-11-21 9.8 Critical
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9, and 10 software. The network_management service does not properly restrict configuration changes. The LG ID is LVE-SMP-200012 (July 2020).
CVE-2020-25057 1 Google 1 Android 2024-11-21 9.8 Critical
An issue was discovered on LG mobile devices with Android OS 10 software. MDMService does not properly restrict APK installations. The LG ID is LVE-SMP-200011 (July 2020).
CVE-2020-25056 2 Google, Samsung 2 Android, Galaxy S20 2024-11-21 7.5 High
An issue was discovered on Samsung mobile devices with Q(10.0) (Galaxy S20) software. Because HAL improperly checks versions, bootloading by the S.LSI NFC chipset is mishandled. The Samsung ID is SVE-2020-16169 (August 2020).
CVE-2020-25055 1 Google 1 Android 2024-11-21 9.8 Critical
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The persona service allows attackers (who control an unprivileged SecureFolder process) to bypass admin restrictions in KnoxContainer. The Samsung ID is SVE-2020-18133 (August 2020).
CVE-2020-25054 1 Samsung 1 Exynos 2024-11-21 9.1 Critical
An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020).
CVE-2020-25053 2 Google, Samsung 2 Android, Exynos 9830 2024-11-21 9.8 Critical
An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. RKP allows arbitrary code execution. The Samsung ID is SVE-2020-17435 (August 2020).
CVE-2020-25052 2 Google, Samsung 2 Android, Exynos 9830 2024-11-21 9.8 Critical
An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. H-Arx allows attackers to execute arbitrary code or cause a denial of service (memory corruption) because indexes are mishandled. The Samsung ID is SVE-2020-17426 (August 2020).