|
209241
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on LG mobile devices with Android OS 10 software. The Wi-Fi subsystem may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200025 (November 2020).
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-28345
|
2024-11-21 14:22 |
2020-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209242
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. System services may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200024 (Nove…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-28344
|
2024-11-21 14:22 |
2020-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209243
|
7.8 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to execute arbitrary code because of unintend…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-28343
|
2024-11-21 14:22 |
2020-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209244
|
7.8 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (China / India) software. The S Secure application allows attackers to bypass authentication for a locked Gallery application…
|
NVD-CWE-Other
|
CVE-2020-28342
|
2024-11-21 14:22 |
2020-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209245
|
7.8 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos990 chipsets) software. The S3K250AF Secure Element CC EAL 5+ chip allows attackers to execute arbitrary code and obtain sensitiv…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-28341
|
2024-11-21 14:22 |
2020-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209246
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via Secure Folder. The Samsung ID is SVE-2020…
|
NVD-CWE-noinfo
|
CVE-2020-28340
|
2024-11-21 14:22 |
2020-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209247
|
8.8 |
HIGH
Network
|
collne
|
welcart_e-commerce
|
The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for WordPress allows Object Injection because of usces_unserialize. There is not a complete POP chain.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-28339
|
2024-11-21 14:22 |
2020-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209248
|
5.9 |
MEDIUM
Network
|
axios
siemens
|
axios
sinec_ins
|
Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-28168
|
2024-11-21 14:22 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209249
|
8.8 |
HIGH
Network
|
salesagility
|
suitecrm
|
SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-28328
|
2024-11-21 14:22 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209250
|
5.3 |
MEDIUM
Network
|
digium
sangoma
|
certified_asterisk
asterisk
|
A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon r…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2020-28327
|
2024-11-21 14:22 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
