CVE-2026-20096

creationtimestamp| type| source ---|---|--- 2026-04-01 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0388/ 2026-04-01 18:03:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mihbnrwaw72g 2026-04-02 07:29:28+00:00| seen|...

CVE-2024-20096

In m4u, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08996900; Issue ID: MSV-1635...

CVE-2021-20096

Cross-site request forgery in OpenOversight 0.6.4 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link...

Linux Distros Unpatched Vulnerability : CVE-2018-20096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of...

Linux Distros Unpatched Vulnerability : CVE-2019-20096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.1, there is a memory leak in featregistersp in net/dccp/feat.c, which may cause denial of service, aka CID-1d3ff0950e2b...

CVE-2023-37318

D-Link DAP-2622 DDP Set IPv6 Address Secondary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...

RockyLinux 8 : exiv2 (RLSA-2020:1577)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1577 advisory. exiv2: infinite loop and hang in Jp2Image::readMetadata in jp2image.cpp could lead to DoS CVE-2019-20421 exiv2: null pointer dereference in the...

CVE-2023-20096

Cisco Unified Contact Center Express (Unified CCX) contains a stored Cross-Site Scripting (XSS) vulnerability in its web-based management interface due to insufficient input validation. An authenticated, remote attacker could inject crafted input into various management fields to execute scripts ...

Ubuntu: Security Advisory (USN-4287-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-20096

WP-SpamFree Anti-Spam Plugin for WordPress (version 2.1.1.4) contains a cross-site scripting (XSS) vulnerability described as affecting an unknown part of the plugin. The issue permits remote initiation of an XSS attack. The connected documents consistently identify it as a basic XSS vulnerabilit...

CVE-2022-20096

The CVE-2022-20096 entry concerns MediaTek devices’ camera component (affecting multiple chips such as MT6765/6768/6769/8183/8185/8385/8666/8667/8768/8786/8788/8789).根 The root cause is uninitialized data in the camera path, enabling local information disclosure. Reported impact: potential local ...

CVE-2020-20096

creationtimestamp| type| source ---|---|--- 2022-03-24 01:29:08+00:00| seen| https://t.me/cibsecurity/39469 2022-03-28 17:01:00+00:00| exploited| https://t.me/truesecator/2779 2022-03-28 19:02:41+00:00| exploited| https://t.me/SEReborn/2017 2022-03-29 11:01:01+00:00| published-proof-of-concept|...

CVE-2020-20096

Whatsapp iOS 2.19.80 and prior and Android 2.19.222 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages...

CVE-2020-20096

CVE-2020-20096 affects WhatsApp for iOS (2.19.80 and prior) and Android (2.19.222 and prior). The root cause described in the sources is that the user interface doesn’t properly represent URI messages, enabling URI spoofing through specially crafted messages. The linked documents collectively con...

CVE-2021-20096

Cross-site request forgery in OpenOversight 0.6.4 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link...

CVE-2021-20096

Cross-site request forgery in OpenOversight 0.6.4 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link...

CVE-2021-20096

Cross-site request forgery in OpenOversight 0.6.4 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link...

CVE-2021-20096

OpenOversight 0.6.4 is affected by a Cross‑Site Request Forgery (CSRF) vulnerability. Multiple sources (Red Hat, NVD/NVD-derived records, OSV, CVE listings) describe that a remote attacker can trick authenticated users into performing sensitive actions by clicking a crafted link. The vulnerabilit...

SUSE: Security Advisory (SUSE-SU-2020:0093-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 3.4 : Unbreakable / etc (OVMSA-2020-0044)

The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2020-0044 for details. C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory OVMSA-2020-0044...