|
198701
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Qualcomm SM8250 chipsets) software. They allows attackers to cause a denial of service (unlock failure) by triggering a pow…
|
CWE-920
Improper Restriction of Power Consumption
|
CVE-2020-35553
|
2024-11-21 14:27 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198702
|
5.3 |
MEDIUM
Network
|
google
|
android
|
An issue was discovered in the GPS daemon on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (non-Qualcomm chipsets) software. Attackers can obtain sensitive location information because the …
|
NVD-CWE-noinfo
|
CVE-2020-35552
|
2024-11-21 14:27 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198703
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. They allow attackers to conduct RPMB state-change attacks because an unauthorized RPMB w…
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2020-35551
|
2024-11-21 14:27 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198704
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via StatusBar. The Samsung ID is SVE-2020-178…
|
NVD-CWE-noinfo
|
CVE-2020-35550
|
2024-11-21 14:27 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198705
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Any application may establish itself as the default dialer, without user interaction. The Samsung ID is SV…
|
NVD-CWE-noinfo
|
CVE-2020-35549
|
2024-11-21 14:27 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198706
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An issue was discovered in Finder on Samsung mobile devices with Q(10.0) software. A call to a non-existent provider allows attackers to cause a denial of service. The Samsung ID is SVE-2020-18629 (D…
|
NVD-CWE-noinfo
|
CVE-2020-35548
|
2024-11-21 14:27 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198707
|
5.3 |
MEDIUM
Network
|
mediawiki
debian
fedoraproject
|
mediawiki
debian_linux
fedora
|
An issue was discovered in MediaWiki before 1.35.1. Missing users (accounts that don't exist) and hidden users (accounts that have been explicitly hidden due to being abusive, or similar) that the vi…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2020-35480
|
2024-11-21 14:27 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198708
|
6.1 |
MEDIUM
Network
|
mediawiki
debian
fedoraproject
|
mediawiki
debian_linux
fedora
|
MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is is alway…
|
CWE-79
Cross-site Scripting
|
CVE-2020-35479
|
2024-11-21 14:27 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198709
|
6.1 |
MEDIUM
Network
|
mediawiki
fedoraproject
|
mediawiki
fedora
|
MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWiki:blanknamespace potentially can be output as raw HTML with SCRIPT tags via LogFormatter::makePageLink(). This affects MediaWiki …
|
CWE-79
Cross-site Scripting
|
CVE-2020-35478
|
2024-11-21 14:27 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198710
|
5.3 |
MEDIUM
Network
|
mediawiki
debian
fedoraproject
|
mediawiki
debian_linux
fedora
|
MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggl…
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2020-35477
|
2024-11-21 14:27 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
