CVE-2026-20804

Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally...

CVE-2026-20804

creationtimestamp| type| source ---|---|--- 2026-01-13 18:01:16+00:00| seen| https://www.thezdi.com/blog/2026/1/13/the-january-2026-security-update-review 2026-01-13 18:16:30+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0007 2026-04-10 10:53:42+00:00| seen|...

CVE-2026-20804 Windows Hello Tampering Vulnerability

...

CVE-2026-20804 Windows Hello Tampering Vulnerability

...

CVE-2025-20804

creationtimestamp| type| source ---|---|--- 2026-01-06 16:03:36+00:00| seen| Telegram/TCex7aZekT09DvEY9wX636dHaOk7Nos7qsus59ia7rYD0xo...

CVE-2025-20804

CVE-2025-20804 : The description indicates a memory corruption via a use-after-free in the dpe component, enabling local escalation of privilege to System level with user interaction required for exploitation. The entry notes a Patch ID ALPS10198951 and Issue ID MSV-4503. Public references across...

CVE-2024-20804

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file...

CVE-2021-20804

Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated attacker to cause a denial of service DoS condition via unspecified vectors...

Microsoft Windows NAT Helper Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows NAT Helper Denial of Service', 'Description' = %q This module exploits a denial of service vulnerability within the Internet...

CVE-2024-20804

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file...

CVE-2024-20804

The CVE-2024-20804 vulnerability affects Samsung MyFiles: path traversal in the FileUriConverter prior to SMR Jan-2024 Release 1 on Android 11/12, and version 14.5.00.21 on Android 13. This could let a local attacker write arbitrary files. Affected software/components: MyFiles (FileUriConverter)....

CVE-2024-20804

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan-2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows local attackers to write arbitrary file...

CVE-2023-20804

In imgsys, there is a reported out-of-bounds write due to a missing bounds check, leading to local escalation of privilege with System execution privileges required and no user interaction. The entry lists Patch ID ALPS07199773 and Issue ID ALPS07326384 as remediation details. Exploitation status...

CVE-2022-20804 Cisco Unified Communications Products Denial of Service Vulnerability

A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected system, resulting in a...

CVE-2022-20804

The CVE-2022-20804 vulnerability affects Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME) via the Cisco Discovery Protocol (CDP). The issue stems from incorrect processing of certain CDP packets, allowing an unauthenticated, adjacent att...

CVE-2021-20804

CVE-2021-20804 affects Cybozu Remote Service 3.1.8–3.1.9. A remote authenticated attacker can cause a denial-of-service condition via unspecified vectors. Public references in multiple databases corroborate the DoS impact. The mitigation is to update to the latest Cybozu Remote Service version pe...

CVE-2018-20804

creationtimestamp| type| source ---|---|--- 2020-11-23 18:45:51+00:00| seen| https://t.me/cibsecurity/16698...

CVE-2018-20804

Summary (from provided sources): CVE-2018-20804 affects MongoDB Server versions prior to 4.0.10 (v4.0) and prior to 3.6.13 (v3.6). A user authorized to perform database queries may trigger a denial of service by issuing specially crafted applyOps invocations, with impact described as all versions...

Gila CMS 1.11.5 Cross Site Request Forgery / Cross Site Scripting Vulnerabilities

Exploit for perl platform in category web applications ===== Tempest Security Intelligence - ADV-07/2020 ========================== GilaCMS - Version 1.11.5 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of...

CVE-2019-20804

creationtimestamp| type| source ---|---|--- 2020-05-22 02:55:27+00:00| seen| https://t.me/cibsecurity/12238...