Total
34582 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-25210 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants. | |||||
| CVE-2020-25209 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API. | |||||
| CVE-2020-25207 | 1 Jetbrains | 1 Toolbox | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler. | |||||
| CVE-2020-25201 | 1 Hashicorp | 1 Consul | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5. | |||||
| CVE-2020-25069 | 1 Usvn | 1 Usvn | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| USVN (aka User-friendly SVN) before 1.0.10 allows attackers to execute arbitrary code in the commit view. | |||||
| CVE-2020-25064 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Certain automated testing is mishandled. The LG ID is LVE-SMP-200019 (August 2020). | |||||
| CVE-2020-25062 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 9 and 10 software. LGTelephonyProvider allows a bypass of intended privilege restrictions. The LG ID is LVE-SMP-200017 (July 2020). | |||||
| CVE-2020-25061 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 9 and 10 software on the VZW network. lge_property allows property overwrites. The LG ID is LVE-SMP-200016 (July 2020). | |||||
| CVE-2020-25060 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. Local users can gain privileges because of LAF and SBL1 flaws. The LG ID is LVE-SMP-200015 (July 2020). | |||||
| CVE-2020-25058 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9, and 10 software. The network_management service does not properly restrict configuration changes. The LG ID is LVE-SMP-200012 (July 2020). | |||||
| CVE-2020-25057 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 10 software. MDMService does not properly restrict APK installations. The LG ID is LVE-SMP-200011 (July 2020). | |||||
| CVE-2020-25053 | 2 Google, Samsung | 2 Android, Exynos 9830 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. RKP allows arbitrary code execution. The Samsung ID is SVE-2020-17435 (August 2020). | |||||
| CVE-2020-25051 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) via AppInfo. The Samsung ID is SVE-2020-17758 (August 2020). | |||||
| CVE-2020-25050 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. The CMC service allows attackers to obtain sensitive information. The Samsung ID is SVE-2020-17288 (August 2020). | |||||
| CVE-2020-25049 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. StatusBarService has insufficient DEX access control. The Samsung ID is SVE-2020-17797 (August 2020). | |||||
| CVE-2020-25047 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (released in China and India) software. The S Secure application does not enforce the intended password requirement for a locked application. The Samsung IDs are SVE-2020-16746, SVE-2020-16764 (August 2020). | |||||
| CVE-2020-25044 | 1 Kaspersky | 1 Virus Removal Tool | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| Kaspersky Virus Removal Tool (KVRT) prior to 15.0.23.0 was vulnerable to arbitrary file corruption that could provide an attacker with the opportunity to eliminate content of any file in the system. | |||||
| CVE-2020-25043 | 1 Kaspersky | 1 Vpn Secure Connection | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| The installer of Kaspersky VPN Secure Connection prior to 5.0 was vulnerable to arbitrary file deletion that could allow an attacker to delete any file in the system. | |||||
| CVE-2020-25035 | 1 Ucopia | 1 Express Wireless Appliance | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| UCOPIA Wi-Fi appliances 6.0.5 allow arbitrary code execution with root privileges using chroothole_client's PHP call, a related issue to CVE-2017-11322. | |||||
| CVE-2020-25026 | 1 Derhansen | 1 Event Management And Registration | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| The sf_event_mgt (aka Event management and registration) extension before 4.3.1 and 5.x before 5.1.1 for TYPO3 allows Information Disclosure (participant data, and event data via email) because of Broken Access Control. | |||||