CVE-2026-20611

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted media fil...

CVE-2023-20611

In gpu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588678; Issue ID: ALPS07588678...

CVE-2022-20611

In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

Mitsubishi Electric MELSEC and MELIPC Series Improper Input Validation (CVE-2021-20611)

Improper Input Validation vulnerability in Mitsubishi Electric MELSEC iQ-R Series R00/01/02CPU Firmware versions 24 and prior, Mitsubishi Electric MELSEC iQ-R Series R04/08/16/32/120ENCPU Firmware versions 57 and prior, Mitsubishi Electric MELSEC iQ-R Series R08/16/32/120SFCPU Firmware versions 2...

CVE-2023-20611

creationtimestamp| type| source ---|---|--- 2023-02-06 22:29:41+00:00| seen| https://t.me/cibsecurity/57605...

CVE-2023-20611

CVE-2023-20611 concerns a race-condition related use-after-free in the GPU component, leading to local escalation of privilege with SYSTEM privileges required and no user interaction. Patch ALPS07588678/ALPS07588678 is referenced. Multiple sources (NVD, Red Hat, CVE listings) corroborate the same...

CVE-2023-20611

In gpu, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588678; Issue ID: ALPS07588678...

CVE-2022-20611

CVE-2022-20611 affects Android 10–13, arising from a permissions bypass in DeletePackageHelper.java: deletePackageVersionedInternal can bypass carrier restrictions, enabling local privilege escalation without additional execution privileges. Exploitation is local and does not require user interac...

CVE-2022-20611

In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2021-20611

creationtimestamp| type| source ---|---|--- 2021-12-01 18:40:06+00:00| seen| https://t.me/cibsecurity/33209 2023-11-11 04:31:22+00:00| seen| https://t.me/arpsyndicate/80...

CVE-2021-20611

CVE-2021-20611 is an improper input validation vulnerability affecting Mitsubishi Electric MELSEC iQ-R Series CPUs (R00/01/02 up to older revisions; R04/08/16/32/120(EN); R08/16/32/120SF; R08/16/32/120P; R16/32/64MT; R12CC-V) and MELSEC Q/L/MELIPC lines (various Q-series CPUs, L-series, MELIPC MI...

CVE-2019-20611

An issue was discovered on Samsung mobile devices with N7.x, O8.x, Go8.1, P9.0, and Go9.0 Exynos chipsets software. A baseband stack overflow leads to arbitrary code execution. The Samsung ID is SVE-2019-13963 April 2019...

CVE-2019-20611

The CVE-2019-20611 entry describes a baseband stack overflow in Samsung mobile devices with Exynos chips (N7.x, O8.x, Go8.1, P9.0, Go9.0) leading to arbitrary code execution. Root cause: a stack overflow in the baseband firmware; impact: potential full device compromise with high privileges. Publ...

CVE-2018-20611

CVE-2018-20611 affects imcat 4.4 and is a reflected-style XSS vulnerability triggered by a crafted cookie sent to the URI root/tools/adbug/binfo.php?cookie. The known impact is cross-site scripting; documentation does not specify exact payloads, affected exact versions beyond 4.4, or exploitation...