|
219381
|
2.4 |
LOW
Physics
|
google
|
android
|
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Google Assistant leaks clipboard contents on a locked device. The Samsung ID is SVE-2019-16558 (April 2020).
|
NVD-CWE-noinfo
|
CVE-2020-11602
|
2024-11-21 13:58 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219382
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. There is unauthorized access to applications in the Secure Folder via floating icons. The Samsung ID is SVE-2019-16…
|
NVD-CWE-noinfo
|
CVE-2020-11601
|
2024-11-21 13:58 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219383
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with Q(10.0) software. There is arbitrary code execution in the Fingerprint Trustlet via a memory overwrite. The Samsung IDs are SVE-2019-16587, SVE-…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-11600
|
2024-11-21 13:58 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219384
|
6.5 |
MEDIUM
Network
|
primekey
|
ejbca
|
An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. An error state can be generated in the CA UI by a malicious user. This, in turn, allows exploitation of other bugs. This follo…
|
NVD-CWE-noinfo
|
CVE-2020-11631
|
2024-11-21 13:58 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219385
|
9.8 |
CRITICAL
Network
|
primekey
|
ejbca
|
An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. In several sections of code, the verification of serialized objects sent between nodes (connected via the Peers protocol) allo…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-11630
|
2024-11-21 13:58 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219386
|
7.2 |
HIGH
Network
|
primekey
|
ejbca
|
An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. The External Command Certificate Validator, which allows administrators to upload external linters to validate certificates, i…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-11629
|
2024-11-21 13:58 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219387
|
5.3 |
MEDIUM
Network
|
primekey
|
ejbca
|
An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. It is intended to support restriction of available remote protocols (CMP, ACME, REST, etc.) through the system configuration. …
|
CWE-863
Incorrect Authorization
|
CVE-2020-11628
|
2024-11-21 13:58 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219388
|
8.8 |
HIGH
Network
|
primekey
|
ejbca
|
An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. A Cross Site Request Forgery (CSRF) issue has been found in the CA UI.
|
CWE-352
Origin Validation Error
|
CVE-2020-11627
|
2024-11-21 13:58 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219389
|
6.1 |
MEDIUM
Network
|
primekey
|
ejbca
|
An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. Two Cross Side Scripting (XSS) vulnerabilities have been found in the Public Web and the Certificate/CRL download servlets.
|
CWE-79
Cross-site Scripting
|
CVE-2020-11626
|
2024-11-21 13:58 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219390
|
9.8 |
CRITICAL
Network
|
opsramp
|
gateway
|
OpsRamp Gateway before 7.0.0 has a backdoor account vadmin with the password 9vt@f3Vt that allows root SSH access to the server. This issue has been resolved in OpsRamp Gateway firmware version 7.0.0…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-11543
|
2024-11-21 13:58 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
