|
221511
|
9.8 |
CRITICAL
Network
|
google
|
openthread
|
OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-20791
|
2024-11-21 13:39 |
2020-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221512
|
9.8 |
CRITICAL
Network
|
trusteddomain
pypolicyd-spf_project
fedoraproject
|
opendmarc
pypolicyd-spf
fedora
|
OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM fi…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2019-20790
|
2024-11-21 13:39 |
2020-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221513
|
4.8 |
MEDIUM
Network
|
croogo
|
croogo
|
Croogo before 3.0.7 allows XSS via the title to admin/menus/menus or admin/taxonomy/vocabularies.
|
CWE-79
Cross-site Scripting
|
CVE-2019-20789
|
2024-11-21 13:39 |
2020-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221514
|
9.8 |
CRITICAL
Network
|
libvnc_project
canonical
debian
siemens
|
libvncserver
ubuntu_linux
debian_linux
simatic_itc1500_firmware
simatic_itc1500_pro_firmware
simatic_itc1900_firmware
simatic_itc1900_pro_firmware
simatic_itc2200_firmware
sim…
|
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2019-20788
|
2024-11-21 13:39 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221515
|
9.8 |
CRITICAL
Network
|
teeworlds
opensuse
|
teeworlds
leap
|
Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-20787
|
2024-11-21 13:39 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221516
|
9.8 |
CRITICAL
Network
|
pion
|
dtls
|
handleIncomingPacket in conn.go in Pion DTLS before 1.5.2 lacks a check for application data with epoch 0, which allows remote attackers to inject arbitrary unencrypted data after handshake completio…
|
CWE-287
Improper Authentication
|
CVE-2019-20786
|
2024-11-21 13:39 |
2020-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221517
|
6.8 |
MEDIUM
Physics
|
google
|
android
|
An issue was discovered on LG mobile devices with Android OS 8.0 and 8.1 software for the DTAG carrier. RILD in the radio layer uses an uninitialized variable. The LG ID is LVE-SMP-180013 (January 20…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2019-20785
|
2024-11-21 13:39 |
2020-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221518
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (MTK chipsets) software. Interaction of GPS with 911 emergency calls is mishandled. The LG ID is LVE-SMP-18001…
|
NVD-CWE-noinfo
|
CVE-2019-20784
|
2024-11-21 13:39 |
2020-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221519
|
9.1 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 (North America CDMA) software. The LTE protocol implementation allows a bypass of AKA (Authentication and Key …
|
NVD-CWE-noinfo
|
CVE-2019-20783
|
2024-11-21 13:39 |
2020-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221520
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. LG Advanced Flash (LAF) has a buffer overflow. The LG ID is LVE-SMP-190001 (March 2019).
|
CWE-120
Classic Buffer Overflow
|
CVE-2019-20782
|
2024-11-21 13:39 |
2020-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
