| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-25105 | Cri | 0.64 | 9.8 | 0.01 | Sep 3, 2020 | eramba c2.8.1 and Enterprise before e2.19.3 has a weak password recovery token (createHash has only a million possibilities). | ||
| CVE-2020-4693 | Cri | 0.64 | 9.8 | 0.03 | Sep 2, 2020 | IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior to export. IBM X-Force ID: 186782. | ||
| CVE-2020-24030 | Cri | 0.64 | 9.8 | 0.03 | Sep 2, 2020 | ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "not exploitable in the current implementation. Tokens… | ||
| CVE-2020-24029 | Cri | 0.64 | 9.8 | 0.02 | Sep 2, 2020 | Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "corrected in all maintained versions. Password reset… | ||
| CVE-2020-13802 | Cri | 0.64 | 9.8 | 0.07 | Sep 2, 2020 | Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification. | ||
| CVE-2020-24355 | Cri | 0.64 | 9.8 | 0.02 | Sep 2, 2020 | Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by insecure permissions which allows regular and other users to create new users with elevated privileges. This is done by changing "FirstIndex" field in JSON that is… | ||
| CVE-2020-6874 | Cri | 0.59 | 9.1 | 0.00 | Sep 1, 2020 | A ZTE product is impacted by the cryptographic issues vulnerability. The encryption algorithm is not properly used, so remote attackers could use this vulnerability for account credential enumeration attack or brute-force attack for password guessing. This affects: ZXIPTV,… | ||
| CVE-2020-6151 | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2020 | A memory corruption vulnerability exists in the TIFF handle_COMPRESSION_PACKBITS functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause a memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | ||
| CVE-2020-6144 | — | Cri | 0.64 | 9.8 | 0.06 | Sep 1, 2020 | A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to… | |
| CVE-2020-6143 | — | Cri | 0.64 | 9.8 | 0.06 | Sep 1, 2020 | A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to… | |
| CVE-2020-6142 | — | Cri | 0.64 | 9.8 | 0.09 | Sep 1, 2020 | A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can cause local file inclusion. An attacker can send an HTTP request to trigger this vulnerability. | |
| CVE-2020-6140 | — | Cri | 0.64 | 9.8 | 0.03 | Sep 1, 2020 | SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability. | |
| CVE-2020-6139 | — | Cri | 0.64 | 9.8 | 0.03 | Sep 1, 2020 | SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The username_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability. | |
| CVE-2020-6138 | — | Cri | 0.64 | 9.8 | 0.03 | Sep 1, 2020 | SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The uname parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection An attacker can send an HTTP request to trigger this vulnerability. | |
| CVE-2020-6137 | — | Cri | 0.64 | 9.8 | 0.03 | Sep 1, 2020 | SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability. | |
| CVE-2020-5777 | Cri | 0.59 | 9.8 | 0.24 | Sep 1, 2020 | MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. A remote attacker can trigger this connection failure if the Mysql setting max_connections (default 151) is… | ||
| CVE-2020-25069 | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2020 | USVN (aka User-friendly SVN) before 1.0.10 allows attackers to execute arbitrary code in the commit view. | ||
| CVE-2020-16210 | Cri | 0.59 | 9.0 | 0.03 | Sep 1, 2020 | The affected product is vulnerable to reflected cross-site scripting, which may allow an attacker to remotely execute arbitrary code and perform actions in the context of an attacked user on the N-Tron 702-W / 702M12-W (all versions). | ||
| CVE-2020-16206 | Cri | 0.59 | 9.0 | 0.03 | Sep 1, 2020 | The affected product is vulnerable to stored cross-site scripting, which may allow an attacker to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all versions). | ||
| CVE-2020-16204 | Cri | 0.64 | 9.8 | 0.05 | Sep 1, 2020 | The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions). | ||
| CVE-2020-6141 | — | Cri | 0.64 | 9.8 | 0.04 | Sep 1, 2020 | An exploitable SQL injection vulnerability exists in the login functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can send an HTTP request to trigger this vulnerability. | |
| CVE-2020-15150 | Cri | 0.52 | 9.0 | 0.03 | Sep 1, 2020 | There is a vulnerability in Paginator (Elixir/Hex package) which makes it susceptible to Remote Code Execution (RCE) attacks via input parameters to the paginate() function. This will potentially affect all current users of Paginator prior to version 1.0.0. The vulnerability has… | ||
| CVE-2017-16034 | cri | 0.59 | — | 0.00 | Sep 1, 2020 | Affected versions of `pidusage` pass unsanitized input to `child_process.exec()`, resulting in arbitrary code execution in the `ps` method. This package is vulnerable to this PoC on Darwin, SunOS, FreeBSD, and AIX. Windows and Linux are not vulnerable. ## Proof of Concept… | ||
| CVE-2016-1000226 | cri | 0.52 | — | 0.01 | Sep 1, 2020 | Affected versions of `swagger-ui` are vulnerable to cross-site scripting in both the `consumes` and `produces` parameters of the swagger JSON document for a given API. Additionally, `swagger-ui` allows users to load arbitrary swagger JSON documents via the query string… | ||
| CVE-2016-1000225 | cri | 0.52 | — | 0.07 | Sep 1, 2020 | Affected versions of `sequelize` are vulnerable to SQL Injection in Models that have fields with the `GEOMETRY` DataType. This vulnerability occurs because single quotes in document values are not escaped for GeoJSON documents using `ST_GeomFromGeoJSON`, and MySQL GeoJSON… | ||
| CVE-2015-7982 | cri | 0.52 | — | 0.01 | Sep 1, 2020 | Versions of `gm` prior to 1.21.1 are affected by a command injection vulnerability. The vulnerability is triggered when user input is passed into `gm.compare()`, which fails to sanitize input correctly before calling the graphics magic binary. ## Recommendation Update to… | ||
| CVE-2020-7727 | — | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package gedi are vulnerable to Prototype Pollution via the set function. | |
| CVE-2020-7726 | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package safe-object2 are vulnerable to Prototype Pollution via the setter function. | ||
| CVE-2020-7725 | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package worksmith are vulnerable to Prototype Pollution via the setValue function. | ||
| CVE-2020-7724 | — | Cri | 0.57 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package tiny-conf are vulnerable to Prototype Pollution via the set function. | |
| CVE-2020-7723 | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package promisehelpers are vulnerable to Prototype Pollution via the insert function. | ||
| CVE-2020-7722 | Cri | 0.57 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package nodee-utils are vulnerable to Prototype Pollution via the deepSet function. | ||
| CVE-2020-7721 | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package node-oojs are vulnerable to Prototype Pollution via the setPath function. | ||
| CVE-2020-7720 | Cri | 0.57 | 9.8 | 0.03 | Sep 1, 2020 | The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions. | ||
| CVE-2020-7719 | — | Cri | 0.57 | 9.8 | 0.03 | Sep 1, 2020 | Versions of package locutus before 2.0.12 are vulnerable to prototype Pollution via the php.strings.parse_str function. | |
| CVE-2020-7718 | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package gammautils are vulnerable to Prototype Pollution via the deepSet and deepMerge functions. | ||
| CVE-2020-7717 | — | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package dot-notes are vulnerable to Prototype Pollution via the create function. | |
| CVE-2020-7716 | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package deeps are vulnerable to Prototype Pollution via the set function. | ||
| CVE-2020-7715 | — | Cri | 0.57 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package deep-get-set are vulnerable to Prototype Pollution via the main function. | |
| CVE-2020-7714 | — | Cri | 0.64 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package confucious are vulnerable to Prototype Pollution via the set function. | |
| CVE-2020-7713 | — | Cri | 0.57 | 9.8 | 0.02 | Sep 1, 2020 | All versions of package arr-flatten-unflatten are vulnerable to Prototype Pollution via the constructor. | |
| CVE-2020-25067 | Cri | 0.63 | 9.6 | 0.02 | Sep 1, 2020 | NETGEAR R8300 devices before 1.0.2.134 are affected by command injection by an unauthenticated attacker. | ||
| CVE-2015-4130 | cri | 0.59 | — | 0.01 | Aug 31, 2020 | Versions of `ungit` prior to 0.9.0 are affected by a command injection vulnerability in the `url` parameter. ## Recommendation Update version 0.9.0 or later. | ||
| CVE-2020-25062 | Cri | 0.64 | 9.8 | 0.00 | Aug 31, 2020 | An issue was discovered on LG mobile devices with Android OS 9 and 10 software. LGTelephonyProvider allows a bypass of intended privilege restrictions. The LG ID is LVE-SMP-200017 (July 2020). | ||
| CVE-2020-25061 | Cri | 0.64 | 9.8 | 0.00 | Aug 31, 2020 | An issue was discovered on LG mobile devices with Android OS 9 and 10 software on the VZW network. lge_property allows property overwrites. The LG ID is LVE-SMP-200016 (July 2020). | ||
| CVE-2020-25058 | Cri | 0.64 | 9.8 | 0.00 | Aug 31, 2020 | An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9, and 10 software. The network_management service does not properly restrict configuration changes. The LG ID is LVE-SMP-200012 (July 2020). | ||
| CVE-2020-25057 | Cri | 0.64 | 9.8 | 0.00 | Aug 31, 2020 | An issue was discovered on LG mobile devices with Android OS 10 software. MDMService does not properly restrict APK installations. The LG ID is LVE-SMP-200011 (July 2020). | ||
| CVE-2020-25055 | Cri | 0.64 | 9.8 | 0.00 | Aug 31, 2020 | An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The persona service allows attackers (who control an unprivileged SecureFolder process) to bypass admin restrictions in KnoxContainer. The Samsung ID is SVE-2020-18133 (August 2020). | ||
| CVE-2020-25054 | Cri | 0.59 | 9.1 | 0.01 | Aug 31, 2020 | An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020). | ||
| CVE-2020-25053 | Cri | 0.64 | 9.8 | 0.01 | Aug 31, 2020 | An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. RKP allows arbitrary code execution. The Samsung ID is SVE-2020-17435 (August 2020). |
- risk 0.64cvss 9.8epss 0.01
eramba c2.8.1 and Enterprise before e2.19.3 has a weak password recovery token (createHash has only a million possibilities).
- risk 0.64cvss 9.8epss 0.03
IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior to export. IBM X-Force ID: 186782.
- risk 0.64cvss 9.8epss 0.03
ForLogic Qualiex v1 and v3 has weak token expiration. This allows remote unauthenticated privilege escalation and access to sensitive data via token reuse. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "not exploitable in the current implementation. Tokens…
- risk 0.64cvss 9.8epss 0.02
Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request. NOTE: as of 2025-10-14, the Supplier's perspective is that this is "corrected in all maintained versions. Password reset…
- risk 0.64cvss 9.8epss 0.07
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification.
- risk 0.64cvss 9.8epss 0.02
Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by insecure permissions which allows regular and other users to create new users with elevated privileges. This is done by changing "FirstIndex" field in JSON that is…
- risk 0.59cvss 9.1epss 0.00
A ZTE product is impacted by the cryptographic issues vulnerability. The encryption algorithm is not properly used, so remote attackers could use this vulnerability for account credential enumeration attack or brute-force attack for password guessing. This affects: ZXIPTV,…
- risk 0.64cvss 9.8epss 0.02
A memory corruption vulnerability exists in the TIFF handle_COMPRESSION_PACKBITS functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause a memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
- risk 0.64cvss 9.8epss 0.06
A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The username variable which is set at line 121 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to…
- risk 0.64cvss 9.8epss 0.06
A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The password variable which is set at line 122 in install/Step5.php allows for injection of PHP code into the Data.php file that it writes. An attacker can send an HTTP request to…
- risk 0.64cvss 9.8epss 0.09
A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can cause local file inclusion. An attacker can send an HTTP request to trigger this vulnerability.
- risk 0.64cvss 9.8epss 0.03
SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
- risk 0.64cvss 9.8epss 0.03
SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The username_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
- risk 0.64cvss 9.8epss 0.03
SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The uname parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection An attacker can send an HTTP request to trigger this vulnerability.
- risk 0.64cvss 9.8epss 0.03
SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The password_stf_email parameter in the password reset page /opensis/ResetUserInfo.php is vulnerable to SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
- risk 0.59cvss 9.8epss 0.24
MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. A remote attacker can trigger this connection failure if the Mysql setting max_connections (default 151) is…
- risk 0.64cvss 9.8epss 0.02
USVN (aka User-friendly SVN) before 1.0.10 allows attackers to execute arbitrary code in the commit view.
- risk 0.59cvss 9.0epss 0.03
The affected product is vulnerable to reflected cross-site scripting, which may allow an attacker to remotely execute arbitrary code and perform actions in the context of an attacked user on the N-Tron 702-W / 702M12-W (all versions).
- risk 0.59cvss 9.0epss 0.03
The affected product is vulnerable to stored cross-site scripting, which may allow an attacker to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all versions).
- risk 0.64cvss 9.8epss 0.05
The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions).
- risk 0.64cvss 9.8epss 0.04
An exploitable SQL injection vulnerability exists in the login functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can lead to SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
- risk 0.52cvss 9.0epss 0.03
There is a vulnerability in Paginator (Elixir/Hex package) which makes it susceptible to Remote Code Execution (RCE) attacks via input parameters to the paginate() function. This will potentially affect all current users of Paginator prior to version 1.0.0. The vulnerability has…
- risk 0.59cvss —epss 0.00
Affected versions of `pidusage` pass unsanitized input to `child_process.exec()`, resulting in arbitrary code execution in the `ps` method. This package is vulnerable to this PoC on Darwin, SunOS, FreeBSD, and AIX. Windows and Linux are not vulnerable. ## Proof of Concept…
- risk 0.52cvss —epss 0.01
Affected versions of `swagger-ui` are vulnerable to cross-site scripting in both the `consumes` and `produces` parameters of the swagger JSON document for a given API. Additionally, `swagger-ui` allows users to load arbitrary swagger JSON documents via the query string…
- risk 0.52cvss —epss 0.07
Affected versions of `sequelize` are vulnerable to SQL Injection in Models that have fields with the `GEOMETRY` DataType. This vulnerability occurs because single quotes in document values are not escaped for GeoJSON documents using `ST_GeomFromGeoJSON`, and MySQL GeoJSON…
- risk 0.52cvss —epss 0.01
Versions of `gm` prior to 1.21.1 are affected by a command injection vulnerability. The vulnerability is triggered when user input is passed into `gm.compare()`, which fails to sanitize input correctly before calling the graphics magic binary. ## Recommendation Update to…
- risk 0.64cvss 9.8epss 0.02
All versions of package gedi are vulnerable to Prototype Pollution via the set function.
- risk 0.64cvss 9.8epss 0.02
All versions of package safe-object2 are vulnerable to Prototype Pollution via the setter function.
- risk 0.64cvss 9.8epss 0.02
All versions of package worksmith are vulnerable to Prototype Pollution via the setValue function.
- risk 0.57cvss 9.8epss 0.02
All versions of package tiny-conf are vulnerable to Prototype Pollution via the set function.
- risk 0.64cvss 9.8epss 0.02
All versions of package promisehelpers are vulnerable to Prototype Pollution via the insert function.
- risk 0.57cvss 9.8epss 0.02
All versions of package nodee-utils are vulnerable to Prototype Pollution via the deepSet function.
- risk 0.64cvss 9.8epss 0.02
All versions of package node-oojs are vulnerable to Prototype Pollution via the setPath function.
- risk 0.57cvss 9.8epss 0.03
The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions.
- risk 0.57cvss 9.8epss 0.03
Versions of package locutus before 2.0.12 are vulnerable to prototype Pollution via the php.strings.parse_str function.
- risk 0.64cvss 9.8epss 0.02
All versions of package gammautils are vulnerable to Prototype Pollution via the deepSet and deepMerge functions.
- risk 0.64cvss 9.8epss 0.02
All versions of package dot-notes are vulnerable to Prototype Pollution via the create function.
- risk 0.64cvss 9.8epss 0.02
All versions of package deeps are vulnerable to Prototype Pollution via the set function.
- risk 0.57cvss 9.8epss 0.02
All versions of package deep-get-set are vulnerable to Prototype Pollution via the main function.
- risk 0.64cvss 9.8epss 0.02
All versions of package confucious are vulnerable to Prototype Pollution via the set function.
- risk 0.57cvss 9.8epss 0.02
All versions of package arr-flatten-unflatten are vulnerable to Prototype Pollution via the constructor.
- risk 0.63cvss 9.6epss 0.02
NETGEAR R8300 devices before 1.0.2.134 are affected by command injection by an unauthenticated attacker.
- risk 0.59cvss —epss 0.01
Versions of `ungit` prior to 0.9.0 are affected by a command injection vulnerability in the `url` parameter. ## Recommendation Update version 0.9.0 or later.
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on LG mobile devices with Android OS 9 and 10 software. LGTelephonyProvider allows a bypass of intended privilege restrictions. The LG ID is LVE-SMP-200017 (July 2020).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on LG mobile devices with Android OS 9 and 10 software on the VZW network. lge_property allows property overwrites. The LG ID is LVE-SMP-200016 (July 2020).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9, and 10 software. The network_management service does not properly restrict configuration changes. The LG ID is LVE-SMP-200012 (July 2020).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on LG mobile devices with Android OS 10 software. MDMService does not properly restrict APK installations. The LG ID is LVE-SMP-200011 (July 2020).
- risk 0.64cvss 9.8epss 0.00
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The persona service allows attackers (who control an unprivileged SecureFolder process) to bypass admin restrictions in KnoxContainer. The Samsung ID is SVE-2020-18133 (August 2020).
- risk 0.59cvss 9.1epss 0.01
An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020).
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. RKP allows arbitrary code execution. The Samsung ID is SVE-2020-17435 (August 2020).