AlmaLinux 10 : ruby4.0 (ALSA-2026:20606)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:20606 advisory. ruby/json: Ruby JSON: Denial of Service or Information Disclosure via format string injection CVE-2026-33210 erb: ERB: Arbitrary code execution via...

CVE-2018-20606

imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr=Pcoln= URI...

CVE-2023-20606

creationtimestamp| type| source ---|---|--- 2023-02-15 14:10:26+00:00| published-proof-of-concept| Telegram/qvQRxQdSUMsEc7T9rQY6WDuPRQgh3CmQncesXSOR3688Q8 2023-03-10 18:52:53+00:00| seen| https://t.me/androidMalware/1782 2025-03-26 14:25:19+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8852...

CVE-2023-20606

In apusys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571104; Issue ID: ALPS07571104...

CVE-2023-20606

CVE-2023-20606 describes an out-of-bounds read in the apusys component due to a missing bounds check, potentially allowing local information disclosure with SYSTEM privileges. Exploitation is reported to not require user interaction. A patch is available (ALPS07571104; Issue ID ALPS07571104). Con...

CVE-2022-20606

In SAEMMMiningCodecTableWithMsgIE of SAEMMRadioMessageCodec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2022-20606

The CVE-2022-20606 entry concerns SAEMM_MiningCodecTableWithMsgIE in SAEMM_RadioMessageCodec.c, where a missing bounds check can cause an out-of-bounds read. This could enable remote information disclosure with system privileges required. User interaction is not required. Connected sources confir...

Mitsubishi (CVE-2021-20606) (deprecated)

Plugin deprecated because mitsubishielectric software is not detectable in this way This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/03/10...

CVE-2021-20606

CVE-2021-20606 is an out-of-bounds read vulnerability affecting Mitsubishi Electric FA Engineering Software: GX Works2 ≤ 1.606G, MELSOFT Navigator ≤ 2.84N, and EZSocket ≤ 5.4. When a user opens a malicious project file, the software may read outside the intended buffer, potentially causing a Deni...

Mitsubishi Electric FA Engineering Software (Update B)

1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Vulnerabilities: Out-of-bounds Read, Integer Underflow 2. UPDATE INFORMATION This updated advisory is a follow-up to the original advisory titled ICSA-21-350-05...

CVE-2019-20606

CVE-2019-20606 affects Samsung mobile devices with software prior to May 2019. A phishing attack against the OMACP service can change network and internet settings (Samsung ID SVE-2019-14073). The NVD entries show CVSSv3.1 base score 9.3 (NETWORK, UI REQUIRED, I:H, A:H) and CVSSv2.0 base 5.8 (I:P...

CVE-2018-20606

imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI...

Zorum 3.5 - 'DBProperty.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/20606/info Zorum is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affected computer with the...