CVE List - 2020 / June
Showing 701 - 800 of 1807 CVEs for June 2020 (Page 8 of 19)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-13854 | 2020-06-11 | Artica Pandora FMS 7.44 allows privilege escalation. |
| CVE-2020-13853 | 2020-06-11 | Artica Pandora FMS 7.44 has persistent XSS in the Messages feature. |
| CVE-2020-13852 | 2020-06-11 | Artica Pandora FMS 7.44 allows arbitrary file upload (leading to remote command execution) via the File Manager feature. |
| CVE-2020-13851 | 2020-06-11 | Artica Pandora FMS 7.44 allows remote command execution via the events feature. |
| CVE-2020-5592 | 2020-06-11 | Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors. |
| CVE-2020-5593 | 2020-06-11 | Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP code injection attacks by leading a user to upload a specially crafted .zip file. |
| CVE-2020-4380 | 2020-06-11 | IBM Workload Scheduler 9.3.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to... |
| CVE-2020-12712 | 2020-06-11 | A vulnerability based on insecure user/password encryption in the JOE (job editor) component of SOS JobScheduler 1.12 and 1.13 allows attackers to decrypt the user/password that is optionally stored with... |
| CVE-2020-4101 | 2020-06-11 | "HCL Digital Experience is susceptible to Server Side Request Forgery." |
| CVE-2020-6090 | 2020-06-11 | An exploitable code execution vulnerability exists in the Web-Based Management (WBM) functionality of WAGO PFC 200 03.03.10(15). A specially crafted series of HTTP requests can cause code execution resulting in... |
| CVE-2020-0166 | 2020-06-11 | In multiple functions of URI.java, there is a possible escalation of privilege due to missing validation in the parceling of URI information. This could lead to a local escalation of... |
| CVE-2020-0187 | 2020-06-11 | In engineSetMode of BaseBlockCipher.java, there is a possible incorrect cryptographic algorithm chosen due to an incomplete comparison. This could lead to local information disclosure with no additional execution privileges needed.... |
| CVE-2020-0124 | 2020-06-11 | In markBootComplete of InstalldNativeService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2020-0203 | 2020-06-11 | In freeIsolatedUidLocked of ProcessList.java, there is a possible UID reuse due to improper cleanup. This could lead to local escalation of privilege between constrained processes with no additional execution privileges... |
| CVE-2020-0208 | 2020-06-11 | In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed... |
| CVE-2020-0126 | 2020-06-11 | In multiple functions in DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local code execution with System execution privileges required. User... |
| CVE-2020-0127 | 2020-06-11 | In AudioStream::decode of AudioGroup.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the phone process with... |
| CVE-2020-0128 | 2020-06-11 | In addPacket of AMPEG4ElementaryAssembler, there is an out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges required. User... |
| CVE-2020-0131 | 2020-06-11 | In parseChunk of MPEG4Extractor.cpp, there is a possible out of bounds write due to incompletely initialized data. This could lead to remote code execution with no additional execution privileges needed.... |
| CVE-2020-0132 | 2020-06-11 | In BnAAudioService::onTransact of IAAudioService.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with no additional execution privileges needed. User... |
| CVE-2020-0134 | 2020-06-11 | In BnDrm::onTransact of IDrm.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is... |
| CVE-2020-0135 | 2020-06-11 | In dump of RollbackManagerServiceImpl.java, there is a possible backup metadata exposure due to a missing permission check. This could lead to local information disclosure with System execution privileges needed. User... |
| CVE-2020-0141 | 2020-06-11 | In OutputBuffersArray::realloc of CCodecBuffers.cpp, there is a possible heap disclosure due to a race condition. This could lead to remote information disclosure with System execution privileges needed. User interaction is... |
| CVE-2020-0151 | 2020-06-11 | In avb_vbmeta_image_verify of avb_vbmeta_image.c there is a possible out of bounds read due to a missing bounds check. This could lead to a local information disclosure with System execution privileges... |
| CVE-2020-0152 | 2020-06-11 | In avb_vbmeta_image_verify of avb_vbmeta_image.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2020-0167 | 2020-06-11 | In load of ResourceTypes.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed.... |
| CVE-2020-0168 | 2020-06-11 | In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv of impeg2_format_conv.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges... |
| CVE-2020-0179 | 2020-06-11 | In doSendObjectInfo of MtpServer.cpp, there is a possible path traversal attack due to insufficient input validation. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2020-0180 | 2020-06-11 | In GetOpusHeaderBuffers() of OpusHeader.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2020-0182 | 2020-06-11 | In exif_entry_get_value of exif-entry.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2020-0190 | 2020-06-11 | In ideint_weave_blk of ideint_utils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges... |
| CVE-2020-0191 | 2020-06-11 | In ih264d_update_default_index_list() of ih264d_dpb_mgr.c, there is a possible out of bounds read due to a logic error. This could lead to remote information disclosure with no additional execution privileges needed.... |
| CVE-2020-0192 | 2020-06-11 | In ih264d_decode_slice_thread of ih264d_thread_parse_decode.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed.... |
| CVE-2020-0193 | 2020-06-11 | In ihevc_intra_pred_chroma_mode_3_to_9_av8 of ihevc_intra_pred_chroma_mode_3_to_9.s, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2020-0194 | 2020-06-11 | In ihevcd_parse_slice_header of ihevcd_parse_slice_header.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed.... |
| CVE-2020-0209 | 2020-06-11 | In multiple functions of AccountManager.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed... |
| CVE-2020-0210 | 2020-06-11 | In removeSharedAccountAsUser of AccountManager.java, there is a possible permissions bypass to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is... |
| CVE-2020-0213 | 2020-06-11 | In hevcd_fmt_conv_420sp_to_420sp_av8 of ihevcd_fmt_conv_420sp_to_420sp.s, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2020-0218 | 2020-06-11 | In loadSoundModel and related functions of SoundTriggerHwService.cpp, there is possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional... |
| CVE-2020-0129 | 2020-06-11 | In SetData of btm_ble_multi_adv.cc, there is a possible out-of-bound write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2020-0133 | 2020-06-11 | In MockLocationAppPreferenceController.java, it is possible to mock the GPS location of the device due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges... |
| CVE-2020-0136 | 2020-06-11 | In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no... |
| CVE-2020-0137 | 2020-06-11 | In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2020-0138 | 2020-06-11 | In get_element_attr_rsp of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if bluetoothtbd were used, which... |
| CVE-2020-0160 | 2020-06-11 | In setSyncSampleParams of SampleTable.cpp, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User... |
| CVE-2020-0161 | 2020-06-11 | In parseChunk of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction... |
| CVE-2020-0162 | 2020-06-11 | In parseSampleAuxiliaryInformationOffsets of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction... |
| CVE-2020-0163 | 2020-06-11 | In parseSampleAuxiliaryInformationSizes of MPEG4Extractor.cpp, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction... |
| CVE-2020-0169 | 2020-06-11 | In RTTTL_Event of eas_rtttl.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User... |
| CVE-2020-0170 | 2020-06-11 | In IMY_Event of eas_imelody.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User... |
| CVE-2020-0171 | 2020-06-11 | In Parse_lart of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User... |
| CVE-2020-0172 | 2020-06-11 | In Parse_art of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User... |
| CVE-2020-0173 | 2020-06-11 | In Parse_lins of eas_mdls.c, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction... |
| CVE-2020-0174 | 2020-06-11 | In Parse_ptbl of eas_mdls.c, there is possible resource exhaustion due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User... |
| CVE-2020-0175 | 2020-06-11 | In XMF_ReadNode of eas_xmf.c, there is possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction... |
| CVE-2020-0181 | 2020-06-11 | In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed.... |
| CVE-2020-0184 | 2020-06-11 | In ihevcd_ref_list() of ihevcd_ref_list.c, there is a possible infinite loop due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed.... |
| CVE-2020-0189 | 2020-06-11 | In ihevcd_decode() of ihevcd_decode.c, there is possible resource exhaustion due to an infinite loop. This could lead to remote denial of service with no additional execution privileges needed. User interaction... |
| CVE-2020-0195 | 2020-06-11 | In ihevcd_iquant_itrans_recon_ctb of ihevcd_iquant_itrans_recon_ctb.c and related functions, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed.... |
| CVE-2020-0197 | 2020-06-11 | In InitDataParser::parsePssh of InitDataParser.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2020-0198 | 2020-06-11 | In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User... |
| CVE-2020-0199 | 2020-06-11 | In TimeCheck::TimeCheckThread::threadLoop of TimeCheck.cpp, there is a possible use-after-free due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not... |
| CVE-2020-0200 | 2020-06-11 | In ReadLittleEndian of raw_bit_reader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media server with... |
| CVE-2020-0205 | 2020-06-11 | In the DaalaBitReader constructor of entropy_decoder.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure in the media... |
| CVE-2020-0207 | 2020-06-11 | In next_marker of jdmarker.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed.... |
| CVE-2020-0211 | 2020-06-11 | In SumCompoundHorizontalTaps of convolve_neon.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2020-0212 | 2020-06-11 | In _onBufferDestroyed of InputBufferManager.cpp, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2020-0217 | 2020-06-11 | In RW_T4tPresenceCheck of rw_t4t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges... |
| CVE-2020-0139 | 2020-06-11 | In NDEF_MsgValidate of ndef_utils.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure if a malformed NFC tag is... |
| CVE-2020-0140 | 2020-06-11 | In rw_i93_sm_detect_ndef of rw_i93.c, there is a possible information disclosure due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User... |
| CVE-2020-0142 | 2020-06-11 | In rw_i93_sm_format of rw_i93.c, there is a possible information disclosure due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User... |
| CVE-2020-0143 | 2020-06-11 | In nfa_dm_ndef_find_next_handler of nfa_dm_ndef.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of heap data via compromised... |
| CVE-2020-0144 | 2020-06-11 | In btm_proc_sp_req_evt of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with... |
| CVE-2020-0145 | 2020-06-11 | In btm_simple_pair_complete of btm_sec.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with... |
| CVE-2020-0146 | 2020-06-11 | In btu_hcif_hardware_error_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with... |
| CVE-2020-0147 | 2020-06-11 | In btu_hcif_esco_connection_chg_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with... |
| CVE-2020-0148 | 2020-06-11 | In btu_hcif_pin_code_request_evt, btu_hcif_link_key_request_evt, and btu_hcif_link_key_notification_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised... |
| CVE-2020-0149 | 2020-06-11 | In btu_hcif_mode_change_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure via compromised device firmware with... |
| CVE-2020-0150 | 2020-06-11 | In rw_t3t_message_set_block_list of rw_t3t.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2020-0153 | 2020-06-11 | In phNxpNciHal_write_ext of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2020-0154 | 2020-06-11 | In nci_proc_core_rsp of nci_hrcv.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure via compromised device firmware with... |
| CVE-2020-0155 | 2020-06-11 | In phNxpNciHal_send_ese_hal_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges... |
| CVE-2020-0156 | 2020-06-11 | In NxpNfc::ioctl of NxpNfc.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with User execution privileges needed.... |
| CVE-2020-0157 | 2020-06-11 | In nfa_hci_conn_cback of nfa_hci_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure via compromised device firmware with... |
| CVE-2020-0158 | 2020-06-11 | In nfc_ncif_proc_t3t_polling_ntf of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2020-0159 | 2020-06-11 | In rw_mfc_writeBlock of rw_mfc.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2020-0164 | 2020-06-11 | In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2020-0165 | 2020-06-11 | In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege via compromised device firmware... |
| CVE-2020-0177 | 2020-06-11 | In connect() of PanService.java, there is a possible permissions bypass. This could lead to local escalation of privilege to change network connection settings with no additional execution privileges needed. User... |
| CVE-2020-0183 | 2020-06-11 | In handleMessage of BluetoothManagerService, there is an incomplete reset. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:... |
| CVE-2020-0186 | 2020-06-11 | In hal_fd_init of hal_fd.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2020-0188 | 2020-06-11 | In onCreatePermissionRequest of SettingsSliceProvider.java, there is a possible permissions bypass due to a PendingIntent error. This could lead to local escalation of privilege with User execution privileges needed. User interaction... |
| CVE-2020-0201 | 2020-06-11 | In showSecurityFields of WifiConfigController.java there is a possible credential leak due to a confused deputy. This could lead to remote escalation of privilege with no additional execution privileges needed. User... |
| CVE-2020-0202 | 2020-06-11 | In onHandleIntent of TraceService.java, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check. This could lead to local escalation of... |
| CVE-2020-0204 | 2020-06-11 | In InstallPackage of package.cpp, there is a possible bypass of a signature check due to a Time of Check/Time of Use condition. This could lead to local escalation of privilege... |
| CVE-2020-0215 | 2020-06-11 | In onCreate of ConfirmConnectActivity.java, there is a possible leak of Bluetooth information due to a permissions bypass. This could lead to local escalation of privilege that exposes a pairing Bluetooth... |
| CVE-2020-0216 | 2020-06-11 | In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2020-0219 | 2020-06-11 | In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent. This could lead to local elevation of privilege with no additional execution privileges needed. User interaction is not needed for... |
| CVE-2020-0176 | 2020-06-11 | In avdt_msg_prs_rej of avdt_msg.cc, there is a possible out-of-bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction... |
| CVE-2020-0178 | 2020-06-11 | In getAllConfigFlags of SettingsProvider.cpp, there is a possible illegal read due to a missing permission check. This could lead to local information disclosure of config flags with no additional execution... |