24 matches found
CVE-2022-20200
In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
CVE-2025-20200
creationtimestamp | type | source
---|---|---
2025-05-07 21:31:53+00:00 | seen | https://t.me/cvedetector/24752
2025-09-19 18:51:31+00:00 | seen | https://gist.github.com/EbonJaeger/2ba8ad95fbe2fa2ac2e44b74f6abfe47...
CVE-2025-20200
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific...
Linux Distros Unpatched Vulnerability : CVE-2021-20200
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was n...
Linux Distros Unpatched Vulnerability : CVE-2019-20200
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to...
CVE-2023-35712
Ashlar-Vellum Cobalt XE is affected by a remote code execution vulnerability in the XE file parser caused by uninitialized memory access. The issue allows an attacker, with user interaction (visiting a malicious page or opening a malicious XE file), to execute code in the context of the victim pr...
CVE-2023-35712 Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability
Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-20200
creationtimestamp | type | source
---|---|---
2023-08-23 22:12:42+00:00 | seen | https://t.me/cibsecurity/69080
2025-07-01 14:11:14+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/20027...
CVE-2023-20200
CVE-2023-20200 affects Cisco FXOS (Firepower 4100 series, Firepower 9300 security appliances) and Cisco UCS 6300 Series Fabric Interconnects. The root cause is improper handling of specific SNMP requests, enabling an authenticated, remote attacker to trigger a device reload and cause a DoS. The e...
CVE-2022-20200
CVE-2022-20200 affects Android 12L’s SoftApManager.updateApState, where a missing permission check can leak hotspot state. This enables local information disclosure with no extra privileges and no user interaction. The vulnerability is documented across multiple sources (NVD/Red Hat/PRION/Pixel b...
CVE-2022-20200
In updateApState of SoftApManager.java, there is a possible leak of hotspot state due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...
SUSE: Security Advisory (SUSE-SU-2021:3873-1)
The remote host is missing an update for the...
openSUSE: Security Advisory for netcdf (openSUSE-SU-2021:3815-1)
The remote host is missing an update for the...
openSUSE: Security Advisory for netcdf (openSUSE-SU-2021:1505-1)
The remote host is missing an update for the...
Security Bulletin: IBM Resilient SOAR is Using Components with Known Vulnerabilities - OkHttp 3.x (CVE-2018-20200)
Summary: CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application. Vulnerability Details: CVEID: CVE-2018-20200. DESCRIPTION: DISPUTED CertificatePinner.java in...
CVE-2019-20200
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature...
CVE-2019-20200
CVE-2019-20200 concerns ezXML versions 0.8.3–0.8.6, where ezxml_decode during XML parsing mishandles memory, causing a heap-based buffer over-read in the “normalize line endings” path. The issue is documented across multiple advisories (netcdf-related) and is referenced by several CVEs (e.g., CVE...
CVE-2019-20200
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature...
CVE-2019-20200
An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read in the "normalize line endings" feature...
DEBIAN-CVE-2018-20200
CertificatePinner.java in OkHttp 3.x through 3.12.0 allows man-in-the-middle attackers to bypass certificate pinning by changing SSLContext and the boolean values while hooking the application. NOTE: This id is disputed because some parties don't consider this is a vulnerability. Their rationale...