|
208181
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered in DirEncryptService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a p…
|
NVD-CWE-noinfo
|
CVE-2020-26601
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208182
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with Q(10.0) software. Auto Hotspot allows attackers to obtain sensitive information. The Samsung ID is SVE-2020-17288 (October 2020).
|
NVD-CWE-noinfo
|
CVE-2020-26600
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208183
|
5.3 |
MEDIUM
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with Q(10.0) software. The DynamicLockscreen Terms and Conditions can be accepted without authentication. The Samsung ID is SVE-2020-17079 (October 2…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-26599
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208184
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, and 9.0 software. The Network Management component could allow an unauthorized actor to kill a TCP connection. The LG ID is LVE-…
|
CWE-862
Missing Authorization
|
CVE-2020-26598
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208185
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on LG mobile devices with Android OS 9.0 and 10 software. The Wi-Fi subsystem has incorrect input validation, leading to a crash. The LG ID is LVE-SMP-200022 (October 2020).
|
CWE-20
Improper Input Validation
|
CVE-2020-26597
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208186
|
8.8 |
HIGH
Network
|
dlink
|
dap-1360u_firmware
|
D-Link DAP-1360U before 3.0.1 devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the IP JSON value for ping (aka res_config_action=3&res_config_id=18).
|
CWE-78
OS Command
|
CVE-2020-26582
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208187
|
7.5 |
HIGH
Network
|
wireshark
fedoraproject
debian
oracle
|
wireshark
fedora
debian_linux
zfs_storage_appliance_firmware
|
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of o…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-26575
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208188
|
9.6 |
CRITICAL
Network
|
leostream
|
connection_broker
|
Leostream Connection Broker 8.2.x is affected by stored XSS. An unauthenticated attacker can inject arbitrary JavaScript code via the webquery.pl User-Agent HTTP header. It is rendered by the admins …
|
CWE-79
Cross-site Scripting
|
CVE-2020-26574
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208189
|
5.5 |
MEDIUM
Local
|
opensc_project
fedoraproject
debian
|
opensc
fedora
debian_linux
|
The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-26572
|
2024-11-21 14:20 |
2020-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208190
|
5.5 |
MEDIUM
Local
|
opensc_project
debian
fedoraproject
|
opensc
debian_linux
fedora
|
The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-26571
|
2024-11-21 14:20 |
2020-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
