VYPR

CVEs

101,963 total · page 1433 of 2,040

  • CVE-2020-0406HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In libmpeg2dec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if another exploit allowed this to be triggered with different parameters, with no additional execution privileges needed. User interaction is…

  • CVE-2020-0375HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege and the setting of supported EUICC countries with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0374HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In NFC, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156251602

  • CVE-2020-0369HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In libavb, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0366HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In PackageInstaller, there is a possible permissions bypass due to a tapjacking vulnerability. This could lead to local escalation of privilege using an app set as the default Assist app with User execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0360HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In Notification Access Confirmation, there is a possible permissions bypass due to uninformed consent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android…

  • CVE-2020-0357HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In SurfaceFlinger, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0346HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In Mediaserver, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if integer sanitization were not enabled (which it is by default), with no additional execution privileges needed. User interaction is not needed…

  • CVE-2020-0345HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In DocumentsUI, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144286721

  • CVE-2020-0341HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In DisplayManager, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0321HigSep 17, 2020
    risk 0.57cvss 8.8epss 0.01

    In the mp3 extractor, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID:…

  • CVE-2020-0306HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In LLVM, there is a possible ineffective stack cookie placement due to stack frame double reservation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0303HigSep 17, 2020
    risk 0.57cvss 8.8epss 0.01

    In the Media extractor, there is a possible use after free due to improper locking. This could lead to remote code execution in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0277HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing a malicious app to modify the device's data plan with no additional execution privileges needed. User interaction…

  • CVE-2020-0275HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In MediaProvider, there is a possible way to access ContentResolver and MediaStore entries the app shouldn't have access to due to a permissions bypass. This could lead to local escalation of privilege, with no additional execution privileges needed. User interaction is not…

  • CVE-2020-0267HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.01

    In WindowManager, there is a possible launch of an unexpected app due to a confused deputy. This could lead to local escalation of privilege due to launching a malicious app instead of the one the user intended, with no additional execution privileges needed. User interaction is…

  • CVE-2020-0266HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In factory reset protection, there is a possible FRP bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0264HigSep 17, 2020
    risk 0.57cvss 8.8epss 0.01

    In libstagefright, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-116718596

  • CVE-2020-0130HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In screencap, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege in a system process with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-15183HigSep 17, 2020
    risk 0.00cvss 8.4epss 0.02

    SoyCMS 3.0.2 and earlier is affected by Reflected Cross-Site Scripting (XSS) which leads to Remote Code Execution (RCE) from a known vulnerability. This allows remote attackers to force the administrator to edit files once the adminsitrator loads a specially crafted webpage.

  • CVE-2020-15182HigSep 17, 2020
    risk 0.00cvss 8.4epss 0.01

    The SOY Inquiry component of SOY CMS is affected by Cross-site Request Forgery (CSRF) and Remote Code Execution (RCE). The vulnerability affects versions 2.0.0.3 and earlier of SOY Inquiry. This allows remote attackers to force the administrator to edit files once the…

  • CVE-2020-24750HigSep 17, 2020
    risk 0.46cvss 8.1epss 0.07

    FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.

  • CVE-2020-0434HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In Pixel's use of the Catpipe library, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2020-0433HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0432HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android…

  • CVE-2020-0430HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In skb_headlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0387HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In manifest files of the SmartSpace package, there is a possible tapjacking vector due to a missing permission check. This could lead to local escalation of privilege and account hijacking with no additional execution privileges needed. User interaction is needed for…

  • CVE-2020-25728HigSep 17, 2020
    risk 0.57cvss 8.8epss 0.01

    The Reset Password add-on before 1.2.0 for Alfresco has a broken algorithm (involving an increment) that allows a malicious user to change any user's account password include the admin account.

  • CVE-2020-25727HigSep 17, 2020
    risk 0.49cvss 7.5epss 0.01

    The Reset Password add-on before 1.2.0 for Alfresco suffers from CMIS-SQL Injection, which allows a malicious user to inject a query within the email input field.

  • CVE-2020-25490HigSep 17, 2020
    risk 0.48cvss 7.3epss 0.01

    Lack of cryptographic signature verification in the Sqreen PHP agent daemon before 1.16.0 makes it easier for remote attackers to inject rules for execution inside the virtual machine.

  • CVE-2020-24046HigSep 17, 2020
    risk 0.47cvss 7.2epss 0.03

    A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. This restricted shell can be bypassed after changing the properties of the user admin…

  • CVE-2020-24045HigSep 17, 2020
    risk 0.47cvss 7.2epss 0.02

    A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. The restricted shell can be bypassed by presenting a fake vmware-tools ISO image to the…

  • CVE-2020-11804HigSep 17, 2020
    risk 0.61cvss 8.8epss 0.07

    An issue was discovered in Titan SpamTitan 7.07. Due to improper sanitization of the parameter quid, used in the page mailqueue.php, code injection can occur. The input for this parameter is provided directly by an authenticated user via an HTTP GET request.

  • CVE-2020-11803HigSep 17, 2020
    risk 0.61cvss 8.8epss 0.08

    An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter jaction when interacting with the page mailqueue.php could lead to PHP code evaluation server-side, because the user-provided input is passed directly to the php eval() function. The user has…

  • CVE-2020-11699HigSep 17, 2020
    risk 0.61cvss 8.8epss 0.10

    An issue was discovered in Titan SpamTitan 7.07. Improper validation of the parameter fname on the page certs-x.php would allow an attacker to execute remote code on the target server. The user has to be authenticated before interacting with this page.

  • CVE-2020-0401HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In setInstallerPackageName of PackageManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and granting spurious permissions with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0394HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In onCreate of BluetoothPairingDialog.java, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege and untrusted devices accessing contact lists with no additional execution privileges needed. User interaction is…

  • CVE-2020-0392HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:…

  • CVE-2020-0391HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In applyPolicy of PackageManagerService.java, there is possible arbitrary command execution as System due to an unenforced protected-broadcast. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0388HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In createEmergencyLocationUserNotification of GnssVisibilityControl.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for…

  • CVE-2020-0381HigSep 17, 2020
    risk 0.49cvss 7.5epss 0.01

    In Parse_wave of eas_mdls.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote information disclosure in a highly constrained process with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2020-0245HigSep 17, 2020
    risk 0.57cvss 8.8epss 0.02

    In DecodeFrameCombinedMode of combined_decode.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:…

  • CVE-2020-0074HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.00

    In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not…

  • CVE-2020-6116HigSep 17, 2020
    risk 0.53cvss 7.8epss 0.28

    An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. When drawing the contents of a page using colors from an indexed colorspace, the application can miscalculate the size of a buffer when allocating…

  • CVE-2020-6115HigSep 17, 2020
    risk 0.51cvss 7.8epss 0.03

    An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. While searching for an object identifier in a malformed document that is missing from the cross-reference table, the application will save…

  • CVE-2020-6113HigSep 17, 2020
    risk 0.56cvss 7.8epss 0.69

    An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table. When processing an object stream from a PDF document, the application will perform a calculation in order to…

  • CVE-2020-6112HigSep 17, 2020
    risk 0.52cvss 7.8epss 0.17

    An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples. While initializing tiles with sub-sample data, the application can miscalculate a pointer for the stripes…

  • CVE-2020-13948HigSep 17, 2020
    risk 0.57cvss 8.8epss 0.03

    While investigating a bug report on Apache Superset, it was determined that an authenticated user could craft requests via a number of templated text fields in the product that would allow arbitrary access to Python’s `os` package in the web application process in versions <…

  • CVE-2020-24373HigSep 16, 2020
    risk 0.57cvss 8.8epss 0.01

    A CSRF vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.

  • CVE-2020-16233HigSep 16, 2020
    risk 0.49cvss 7.5epss 0.02

    An attacker could send a specially crafted packet that could have CodeMeter (All versions prior to 7.10) send back packets containing data from the heap.