CVE-2022-20144

In multiple functions of AvatarPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2021-20144

An unauthenticated command injection vulnerability exists in the parameters of operation 49 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

CVE-2019-20144

An issue was discovered in GitLab Community Edition CE and Enterprise Edition EE 10.8 through 12.6.1. It has Incorrect Access Control...

CVE-2017-20144

A vulnerability has been found in Anvsoft PDFMate PDF Converter Pro 1.7.5.0 and classified as critical. The manipulation leads to memory corruption. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2025-20144

A vulnerability in the hybrid access control list ACL processing of IPv4 packets in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect handling of packets when a specific configuration of the hybrid ACL exists. ...

CVE-2025-20144

creationtimestamp| type| source ---|---|--- 2025-03-12 18:36:07+00:00| seen| https://infosec.exchange/users/vuldb/statuses/114150904104711116 2025-03-21 21:22:15+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8453...

CVE-2025-20144

A vulnerability in the hybrid access control list ACL processing of IPv4 packets in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect handling of packets when a specific configuration of the hybrid ACL exists. ...

CVE-2025-20144 Cisco IOS XR Software Access Control List Bypass Vulnerability

A vulnerability in the hybrid access control list ACL processing of IPv4 packets in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect handling of packets when a specific configuration of the hybrid ACL exists. ...

CVE-2025-20144

Cisco IOS XR Software is affected by CVE-2025-20144 due to incorrect handling of IPv4 traffic in the hybrid access control list (ACL) processing. Affected component: hybrid ACL configuration/processing; impact: unauthenticated, remote attacker can bypass a configured ACL by sending traffic throug...

CVE-2025-20144 Cisco IOS XR Software Access Control List Bypass Vulnerability

A vulnerability in the hybrid access control list ACL processing of IPv4 packets in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect handling of packets when a specific configuration of the hybrid ACL exists. ...

CVE-2024-20144

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09167056;...

CVE-2024-20144

creationtimestamp| type| source ---|---|--- 2025-01-06 03:29:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113779288518911401 2025-01-06 03:32:54+00:00| seen| https://infosec.exchange/users/cve/statuses/113779302313248744 2025-01-06 04:15:31+00:00| seen|...

CVE-2024-20144

CVE-2024-20144 affects V6 DA, with an out-of-bounds write caused by a missing bounds check. This can enable local escalation of privilege when an attacker has physical access, requiring user interaction for exploitation. Patch ALPS09167056 fixes MSV-2041 for affected devices. No explicit exploita...

CVE-2023-20144

CVE-2023-20144 affects Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers. The web-based management interface has multiple XSS vulnerabilities due to insufficient input validation. An unauthenticated, remote attacker could send crafted HTTP requests and persuade a user to ...

CVE-2023-26332 ZDI-CAN-20144: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension versions 3.4.7 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...

CVE-2017-20144

CVE-2017-20144 affects Anvsoft PDFMate PDF Converter Pro 1.7.5.0. The vulnerability is described as memory corruption in the program’s handling, with the attack reported as remote capable and the exploit publicly disclosed. Connected sources consistently identify the affected product and the memo...

CVE-2017-20144 Anvsoft PDFMate PDF Converter Pro memory corruption

A vulnerability has been found in Anvsoft PDFMate PDF Converter Pro 1.7.5.0 and classified as critical. The manipulation leads to memory corruption. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

CVE-2022-20144

In multiple functions of AvatarPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2022-20144

CVE-2022-20144 affects Android (AvatarPhotoController.java) on Android 10–11, where a confused deputy in multiple functions could allow access to content owned by system content providers. This could enable local escalation of privilege with no additional execution privileges and no user interact...

CVE-2021-20144

creationtimestamp| type| source ---|---|--- 2021-12-09 18:24:03+00:00| seen| https://t.me/cibsecurity/33697...