|
208951
|
6.1 |
MEDIUM
Network
|
cure53
debian
microsoft
oracle
|
dompurify
debian_linux
visual_studio_2017
visual_studio_2019
application_express
|
Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a namespace can change from HTML to MathML, …
|
CWE-79
Cross-site Scripting
|
CVE-2020-26870
|
2024-11-21 14:20 |
2020-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208952
|
8.8 |
HIGH
Network
|
elementor
|
elementor_pro
|
The Dynamic OOO widget for the Elementor Pro plugin through 3.0.5 for WordPress allows remote authenticated users to execute arbitrary code because only the Editor role is needed to upload executable…
|
CWE-269
Improper Privilege Management
|
CVE-2020-26596
|
2024-11-21 14:20 |
2020-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208953
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privile…
|
NVD-CWE-noinfo
|
CVE-2020-26607
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208954
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. An attacker can access certain Secure Folder content via a debugging command. The Samsung ID is S…
|
NVD-CWE-noinfo
|
CVE-2020-26606
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208955
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Exynos chipsets) software. They allow attackers to obtain sensitive information by reading a log. The Samsung ID is SVE-202…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-26605
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208956
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered in SystemUI on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows an unprivileged process to access contact numbers. The Samsung I…
|
NVD-CWE-noinfo
|
CVE-2020-26604
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208957
|
5.3 |
MEDIUM
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Sticker Center allows directory traversal for an unprivileged process to read arbitrary files. The Samsung…
|
CWE-22
Path Traversal
|
CVE-2020-26603
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208958
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered in EthernetNetwork on Samsung mobile devices with O(8.1), P(9.0), Q(10.0), and R(11.0) software. PendingIntent allows sdcard access by an unprivileged process. The Samsung ID …
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-26602
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208959
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered in DirEncryptService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a p…
|
NVD-CWE-noinfo
|
CVE-2020-26601
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208960
|
7.5 |
HIGH
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with Q(10.0) software. Auto Hotspot allows attackers to obtain sensitive information. The Samsung ID is SVE-2020-17288 (October 2020).
|
NVD-CWE-noinfo
|
CVE-2020-26600
|
2024-11-21 14:20 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
