ECHO-C7C4-0020-BC83

Bulletin has no description...

RHCOS 3 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2020:0020)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0020 advisory. - kubernetes: Schema info written with world-writeable permissions when cached CVE-2019-11244 Note that Nessus has not tested for this issue...

CVE-2026-0020

creationtimestamp| type| source ---|---|--- 2026-03-02 23:00:37+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mg4eb24c7m2d 2026-03-03 08:00:35+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mg5cglgdhr2x 2026-03-03 08:00:36+00:00| seen|...

MiracleLinux 3 : pango-1.14.9-8.AXS3.2 (AXSA:2011-15:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-15:01 advisory. Pango is a system for layout and rendering of internationalized text. Security issues fixed with this release: CVE-2011-0020 Heap-based buffer overflow in the...

RHEL 9 : thunderbird (RHSA-2026:0020)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:0020 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Memory safety bugs fixed in Firefox ESR 140.6,...

CVE-2025-11648

The CVE-2025-11648 issue affects Tomofun Furbo 360 and Furbo Mini, specifically the TF_FQDN.json under the GATT Interface URL Handler. A server-side request forgery can be triggered by manipulating the TF_FQDN.json file, with the attack possible remotely and described as highly complex; exploitab...

ECHO-5B61-7BE3-0020

Bulletin has no description...

CVE-2024-0020

In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files belonging to a different user due to a confused deputy. This could lead to local information disclosure across users of a device with no additional execution privileges needed. User interaction is...

CVE-2020-0020

In getAttributeRange of ExifInterface.java, there is a possible failure to redact location information from media files due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2025-0020

Violation of Secure Design Principles, Hidden Functionality, Incorrect Provision of Specified Functionality vulnerability in ArcGIS Authentication allows Privilege Abuse, Manipulating Hidden Fields, Configuration/Environment Manipulation. The ArcGIS clientcredentials OAuth 2.0 API implementation...

CVE-2025-0020

creationtimestamp| type| source ---|---|--- 2025-05-14 08:31:22+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16294 2025-05-14 09:17:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lp4o4q5plv2p 2025-05-14 09:19:53+00:00| seen|...

CVE-2025-0020

Rejected reason: “This CVE ID is Rejected and will not be used. As the CNA of record ESRI has rejected this CVE as it is not a vulnerability”...

CVE-2025-0020

CVE-2025-0020 is marked as rejected in the initial entry, but connected documents describe a vulnerability in ArcGIS’s client_credentials OAuth 2.0 API implementation: it allows undocumented, custom token expiration, enabling privilege abuse and manipulation of hidden fields/configuration. Affect...

CVE-2025-0020

...

CVE-2025-0020

...

Mageia: Security Advisory (MGASA-2025-0020)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

BIT-MATTERMOST-2020-14448

An issue was discovered in Mattermost Server before 5.23.0. Automatic direct message replies allow attackers to cause a denial of service infinite loop, aka MMSA-2020-0020...

CVE-2024-0020

In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files belonging to a different user due to a confused deputy. This could lead to local information disclosure across users of a device with no additional execution privileges needed. User interaction is...

CVE-2024-0020

CVE-2024-0020 affects the Android platform component NotificationSoundPreference.java. The flaw arises in onActivityResult, enabling a confused deputy to disclose audio files belonging to another user on the same device. Exploitation is local, requires no user interaction, and can lead to local i...

CVE-2024-0020

In onActivityResult of NotificationSoundPreference.java, there is a possible way to hear audio files belonging to a different user due to a confused deputy. This could lead to local information disclosure across users of a device with no additional execution privileges needed. User interaction is...