|
214891
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attackers can trigger an update to arbitrary touch-screen firmware. The Samsung ID is SVE-2019-16013 (Marc…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2020-10831
|
2024-11-21 13:56 |
2020-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214892
|
2.4 |
LOW
Physics
|
google
|
android
|
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Attackers can view notifications by entering many PINs in Lockdown mode. The Samsung ID is SVE-2019-16590 (March 20…
|
NVD-CWE-noinfo
|
CVE-2020-10830
|
2024-11-21 13:56 |
2020-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214893
|
7.8 |
HIGH
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with O(8.0), P(9.0), and Q(10.0) (Broadcom chipsets) software. A kernel driver heap overflow leads to arbitrary code execution. The Samsung ID is SVE…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-10829
|
2024-11-21 13:56 |
2020-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214894
|
9.8 |
CRITICAL
Network
|
graphicsmagick
debian
opensuse
|
graphicsmagick
debian_linux
leap
backports
|
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2020-10938
|
2024-11-21 13:56 |
2020-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214895
|
7.2 |
HIGH
Network
|
acyba
|
acymailing
|
Acyba AcyMailing before 6.9.2 mishandles file uploads by admins.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-10934
|
2024-11-21 13:56 |
2020-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214896
|
7.5 |
HIGH
Network
|
memcached
|
memcached
|
Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-10931
|
2024-11-21 13:56 |
2020-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214897
|
9.8 |
CRITICAL
Network
|
rconfig
|
rconfig
|
rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped.
|
CWE-78
OS Command
|
CVE-2020-10879
|
2024-11-21 13:56 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214898
|
7.5 |
HIGH
Network
|
zebra
|
fx9500_firmware
|
Motorola FX9500 devices allow remote attackers to conduct absolute path traversal attacks, as demonstrated by PL/SQL Server Pages files such as /include/viewtagdb.psp.
|
CWE-22
Path Traversal
|
CVE-2020-10875
|
2024-11-21 13:56 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214899
|
7.5 |
HIGH
Network
|
motorola
|
fx9500-41324d41-us_firmware
fx9500-41324d41-ww_firmware
fx9500-81324d41-us_firmware
fx9500-81324d41-ww_firmware
|
Motorola FX9500 devices allow remote attackers to read database files.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-10874
|
2024-11-21 13:56 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214900
|
5.3 |
MEDIUM
Network
|
openwrt
|
luci
|
In OpenWrt LuCI git-20.x, remote unauthenticated attackers can retrieve the list of installed packages and services. NOTE: the vendor disputes the significance of this report because, for instances r…
|
CWE-200
Information Exposure
|
CVE-2020-10871
|
2024-11-21 13:56 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
