CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2020-25228 A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). A service available on port 10005/tcp of the affected devices could allow complete access to all servic... | 9.8 | CRITICAL | — | 0 |
| CVE-2020-25229 A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The implemented encryption for communication with affected devices is prone to replay attacks due to th... | 7.5 | HIGH | — | 0 |
| CVE-2020-25230 A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an outdated cipher mode on port 10005/tcp, an attacker could extract the encryption... | 7.5 | HIGH | — | 0 |
| CVE-2025-49329 Unrestricted Upload of File with Dangerous Type vulnerability in Agile Logix Store Locator WordPress agile-store-locator allows Upload a Web Shell to a Web Server.This issue affects Store Locator Word... | N/A | NONE | — | 0 |
| CVE-2020-25231 A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The encryption of program data for the affected devices uses ... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-25232 A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). Due to the usage of an insecure random number generation function and a deprecated cryptographic functi... | 7.5 | HIGH | — | 0 |
| CVE-2020-25233 A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The firmware update of affected devices contains the private RSA key that is used as a basis for encryp... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-25234 A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The LOGO! program files generated and used by the affected co... | 7.7 | HIGH | — | 0 |
| CVE-2020-25235 A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The password used for authentication for the LOGO! Website and the LOGO! Access Tool is sent in a recov... | 7.5 | HIGH | — | 0 |
| CVE-2020-28396 A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions < V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of th... | 7.3 | HIGH | — | 0 |
| CVE-2020-0099 In addWindow of WindowManagerService.java, there is a possible window overlay attack due to an insecure default value. This could lead to local escalation of privilege via tapjacking with no additiona... | 7.8 | HIGH | — | 0 |
| CVE-2020-0440 In createVirtualDisplay of DisplayManagerService.java, there is a possible way to create a trusted virtual display due to a missing permission check. This could lead to local escalation of privilege w... | 7.8 | HIGH | — | 0 |
| CVE-2020-0444 In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privi... | 7.8 | HIGH | — | 0 |
| CVE-2020-0455 There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170372514 | 9.8 | CRITICAL | — | 0 |
| CVE-2020-0457 There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170367562 | 9.8 | CRITICAL | — | 0 |
| CVE-2020-0458 In SPDIFEncoder::writeBurstBufferBytes and related methods of SPDIFEncoder.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no add... | 7.8 | HIGH | — | 0 |
| CVE-2020-0459 In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, there is a possible leak of sensitive WiFi configuration data due to a missing permission check. This could lead to local informatio... | 3.3 | LOW | — | 0 |
| CVE-2020-0460 In createNameCredentialDialog of CertInstaller.java, there exists the possibility of improperly installed certificates due to a logic error. This could lead to remote information disclosure with no ad... | 7.5 | HIGH | — | 0 |
| CVE-2020-0463 In sdp_server_handle_client_req of sdp_server.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure from the bluetooth server with ... | 7.5 | HIGH | — | 0 |
| CVE-2020-0464 In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure. This could lead to local information disclosure of accessed web resources with no additional execution... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0465 In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges ... | 6.8 | MEDIUM | — | 0 |
| CVE-2020-0466 In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges... | 7.8 | HIGH | — | 0 |
| CVE-2020-0467 In onUserStopped of Vpn.java, there is a possible resetting of user preferences due to a logic issue. This could lead to local information disclosure of secure network traffic over a non-VPN link with... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0468 In listen() and related functions of TelephonyRegistry.java, there is a possible permissions bypass of location permissions due to a missing permission check. This could lead to local information disc... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0469 In addEscrowToken of LockSettingsService.java, there is a possible loss of the synthetic password due to logic error. This could lead to local denial of service with no additional execution privileges... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0470 In extend_frame_highbd of restoration.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0016 In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction i... | 7.8 | HIGH | — | 0 |
| CVE-2020-0019 In the Broadcom Nexus firmware, there is an insecure default password. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0456 There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170378843 | 9.8 | CRITICAL | — | 0 |
| CVE-2020-35457 GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. NOTE: the vendor's position is "Realistically this is not a security issue. ... | 7.8 | HIGH | — | 0 |
| CVE-2020-35470 Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy... | 8.8 | HIGH | — | 0 |
| CVE-2020-35471 Envoy before 1.16.1 mishandles dropped and truncated datagrams, as demonstrated by a segmentation fault for a UDP packet size larger than 1500. | 7.5 | HIGH | — | 0 |
| CVE-2020-28442 All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn function. | 7.5 | HIGH | — | 0 |
| CVE-2020-28203 An issue was discovered in Foxit Reader and PhantomPDF 10.1.0.37527 and earlier. There is a null pointer access/dereference while opening a crafted PDF file, leading the application to crash (denial o... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-4747 IBM Connect:Direct for UNIX 6.1.0, 6.0.0, 4.3.0, and 4.2.0 can allow a local or remote user to obtain an authenticated CLI session due to improper authentication methods. IBM X-Force ID: 188516. | 9.8 | CRITICAL | — | 0 |
| CVE-2020-4849 IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.19 Interim Fix 7 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vuln... | 6.1 | MEDIUM | — | 0 |
| CVE-2020-8935 An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allow an attacker to make an Ecall_restore function call to reallocate untrusted code and overwrite sections of the Enclave me... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-8936 An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to UntrustedCall. UntrustedCall failed to validate the buffer range within sgx_params a... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-8937 An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_untrusted_create_wait_queue that uses a pointer queue that relies on UntrustedLo... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-8938 An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to FromkLinuxSockAddr with attacker controlled content and size of klinux_addr which al... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-8939 An out of bounds read on the enc_untrusted_inet_ntop function allows an attack to extend the result size that is used by memcpy() to read memory from within the enclave heap. We recommend upgrading pa... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-8940 An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_recvmsg using an attacker controlled result parameter. The parameter s... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-8941 An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_inet_pton using an attacker controlled klinux_addr_buffer parameter. T... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-8942 An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_read whose return size was not validated against the requrested size. ... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-8943 An arbitrary memory read vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to enc_untrusted_recvfrom whose return size was not validated against the requested siz... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-8944 An arbitrary memory write vulnerability in Asylo versions up to 0.6.0 allows an untrusted attacker to make a call to ecall_restore using the attribute output which fails to check the range of a pointe... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-0244 In writeBurstBufferBytes of SPDIFEncoder.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no clear exfiltration path, ... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0280 In nci_proc_ee_management_rsp of nci_hrcv.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privile... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-0368 In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper input validation. This could lead to local information disclosure of voicemail metadata with User execut... | 3.3 | LOW | — | 0 |
| CVE-2020-0473 In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing an attacker with physical p... | 4.6 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.