|
215071
|
5.5 |
MEDIUM
Local
|
oppo
|
reno3_pro_firmware
find_x2_pro_firmware
|
In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not checked the parameters, which causes a vulnerabili…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-11832
|
2024-11-21 13:58 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215072
|
3.8 |
LOW
Local
|
qemu
|
qemu
|
iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-11947
|
2024-11-21 13:58 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215073
|
7.5 |
HIGH
Network
|
bilanc
|
bilanc
|
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. It relies on broken encryption with a weak and guessable static encryption key.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-11719
|
2024-11-21 13:58 |
2020-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215074
|
9.8 |
CRITICAL
Network
|
bilanc
|
bilanc
|
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and passwor…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-11720
|
2024-11-21 13:58 |
2020-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215075
|
7.4 |
HIGH
Network
|
bilanc
|
bilanc
|
An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its software-update packages are downloaded via cleartext HTTP.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-11718
|
2024-11-21 13:58 |
2020-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215076
|
9.8 |
CRITICAL
Network
|
bilanc
|
bilanc
|
An issue was discovered in Programi 014 31.01.2020. It has multiple SQL injection vulnerabilities.
|
CWE-89
SQL Injection
|
CVE-2020-11717
|
2024-11-21 13:58 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215077
|
3.3 |
LOW
Local
|
audacityteam
fedoraproject
|
audacity
fedora
|
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. After Audacity creates the temporary directory, it sets its permissions to 755. Any user on the system can read and…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-11867
|
2024-11-21 13:58 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215078
|
9.8 |
CRITICAL
Network
|
oppo
|
ovoicemanager
|
OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-11831
|
2024-11-21 13:58 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215079
|
9.8 |
CRITICAL
Network
|
oppo
|
qualityprotect
|
QualityProtect has a vulnerability to execute arbitrary system commands, affected product is com.oppo.qualityprotect V2.0.
|
NVD-CWE-noinfo
|
CVE-2020-11830
|
2024-11-21 13:58 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215080
|
9.8 |
CRITICAL
Network
|
oppo
|
coloros
|
Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722.
|
NVD-CWE-noinfo
|
CVE-2020-11829
|
2024-11-21 13:58 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
