25 matches found
CVE-2025-20252

| creationtimestamp | type | source |
|---|---|---|
| 2025-08-14 17:02:53+00:00 | seen | Telegram/RueK-n9tVLQ4EG6vKMdK22oF7-XXtnoRG69OtWvEp0Vlpd0... |

CVE-2025-20252
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS)...
CVE-2022-20252
In PackageManager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2018-20252

| creationtimestamp | type | source |
|---|---|---|
| 2024-03-30 06:03:17+00:00 | published-proof-of-concept | https://t.me/CybNux/6061... |

Cisco Expressway Series XSRF (cisco-sa-expressway-csrf-KnnZDMj3)
According to its self-reported version, Cisco Expressway Series is affected by multiple vulnerabilities.
- A vulnerability in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF)...
Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products
Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 CVSS score:...
CVE-2024-20252

| creationtimestamp | type | source |
|---|---|---|
| 2024-02-07 18:32:20+00:00 | seen | https://t.me/ctinow/180879 |
| 2024-02-08 07:23:59+00:00 | seen | Telegram/gOH8xHWbC4CXiY3g8XS3woeRPUUAdrl6cclrPBKkTQ8MVA |
| 2024-02-08 07:40:54+00:00 | seen | https://t.me/KomunitiSiber/1458 |
| 2024-02-08 08:08:35+00:00 | seen | ... |

CVE-2024-20252
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks that perform arbitrary actions on an affected device. Note: "Cisco Expressway Series" refers...
CVE-2023-20252

| creationtimestamp | type | source |
|---|---|---|
| 2023-09-27 22:36:06+00:00 | seen | https://t.me/cibsecurity/71141 |
| 2023-09-29 12:12:31+00:00 | seen | https://t.me/truesecator/4909 |
| 2023-09-29 19:36:15+00:00 | published-proof-of-concept | Telegram/Fwp63kFR1ejne67uCydpDMgAF8KtL8WBoKV3vP0460IO2Pm... |

CVE-2023-20252
A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user. This vulnerability is due to improper authentication checks for SAML...
CVE-2023-20252
A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote attacker to gain unauthorized access to the application as an arbitrary user. This vulnerability is due to improper authentication checks for SAML...
CVE-2023-20252
CVE-2023-20252 affects Cisco Catalyst SD-WAN Manager (Cisco vManage) SAML API authentication. Root cause: improper authentication checks in SAML API endpoints allow unauthenticated remote attackers to obtain an authorization token and gain access as an arbitrary user. Impact: high – remote unauth...
CVE-2019-20252
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none...
CVE-2022-20252
CVE-2022-20252 is a vulnerability in Android 13’s PackageManager where an attacker can deduce whether an app is installed without query permissions due to a side-channel information disclosure. This enables local information disclosure with no extra execution privileges required; exploitation req...
MikroTik RouterOS < 6.47 Multiple Vulnerabilities
MikroTik RouterOS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/o:mikrotik:routeros"; if...
CVE-2020-20252
CVE-2020-20252 affects MikroTik RouterOS prior to stable 6.47. A memory corruption in the /nova/bin/lcdstat process can be triggered by an authenticated remote attacker, causing a Denial of Service via a NULL pointer dereference. Impact is partial availability disruption. Public exploitation deta...
CVE-2021-20252

| creationtimestamp | type | source |
|---|---|---|
| 2021-02-24 02:35:33+00:00 | seen | https://t.me/cibsecurity/24050... |

CVE-2021-20252
A flaw was found in Red Hat 3scale API Management Platform 2. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yield an internal...
CVE-2021-20252
CVE-2021-20252 affects Red Hat 3scale API Management Platform 2. The vulnerability arises because the 3scale backend does not properly constrain user-requested date ranges in certain queries, allowing an authenticated user to submit a sufficiently large date range that can trigger an internal ser...
CVE-2021-20252
A flaw was found in 3scale. The 3scale backend does not perform preventive handling on user-requested date ranges in certain queries allowing a malicious authenticated user to submit a request with a sufficiently large date range to eventually yield an internal server error resulting in denial of...