CVE-2024-20500

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. This vulnerability is due to insufficient resource...

CVE-2022-20500

In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11...

CVE-2024-20500

creationtimestamp| type| source ---|---|--- 2024-10-02 22:13:17+00:00| seen| https://t.me/cvedetector/6869...

CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices

The U.S. Cybersecurity and Infrastructure Security Agency CISA has placed a set of eight flaws to the Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. This includes six shortcomings affecting Samsung smartphones and two vulnerabilities impacting D-Link device...

CVE-2019-20500

creationtimestamp| type| source ---|---|--- 2023-06-29 18:10:02+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-12-24 20:34:47+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/2971848 2025-02-23 02:10:43+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2026-02-02...

VulnCheck KEV: CVE-2019-20500

D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=configsave configBackup or downloadServerip parameter...

CVE-2022-20500

creationtimestamp| type| source ---|---|--- 2022-12-13 18:21:59+00:00| seen| https://t.me/cibsecurity/54411 2025-04-22 14:03:34+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12844...

CVE-2022-20500

In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11...

CVE-2022-20500

CVE-2022-20500 : In ShortcutPackage.java, loadFromXml may crash on boot due to an uncaught exception, causing local denial of service without extra privileges. Affected: Android 10–13. Impact is a local DoS; exploitation requires no user interaction. Mitigation: update Android to a patched build ...

CVE-2022-20500

In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11...

CVE-2021-20500

IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local privileged user. IBM X-Force ID: 197980...

CVE-2021-20500

CVE-2021-20500 affects IBM Security Verify Access Docker 10.0.0, with an information-disclosure flaw that could reveal highly sensitive data to a local privileged user. The issue is confirmed in IBM’s vulnerability bulletin and related sources, which also lists a remediation: upgrade to the patch...

CVE-2019-20500

CVE-2019-20500 affects D-Link DWL-2600AP devices with firmware 4.2.0.15 Rev A. An authenticated OS command injection exists via the Web interface Save Configuration functionality, exploiting shell metacharacters in admin.cgi?action=config_save and related parameters (configBackup or downloadServe...

CVE-2019-20500

D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=configsave configBackup or downloadServerip parameter. Recent assessments: Assessed...

CVE-2018-20500

An insecure permissions issue was discovered in GitLab Community and Enterprise Edition 9.4 and later but before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. The runner registration token in the CI/CD settings could not be reset. This was a security risk if one of the maintainers leav...

D-Link DWL-2600AP - Multiple OS Command Injection

D-Link DWL-2600AP - Multiple OS Command Injection Document Title: =============== D-Link DWL-2600AP - Authenticated OS Command Injection Restore Configuration Product & Service Introduction: =============================== The D-Link DWL-2600AP has a web interface for configuration. You can use a...

D-Link DWL-2600AP - Multiple OS Command Injection

Document Title: =============== D-Link DWL-2600AP - Authenticated OS Command Injection Restore Configuration Product & Service Introduction: =============================== The D-Link DWL-2600AP has a web interface for configuration. You can use any web browser you like to login to the D-Link...