CVE-2026-20825

creationtimestamp| type| source ---|---|--- 2026-01-13 18:01:16+00:00| seen| https://www.thezdi.com/blog/2026/1/13/the-january-2026-security-update-review 2026-01-13 18:16:30+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0007 2026-04-10 10:53:42+00:00| seen|...

CVE-2026-20825 Windows Hyper-V Information Disclosure Vulnerability

...

CVE-2026-20825

Improper access control in Windows Hyper-V allows an authorized attacker to disclose information locally...

CVE-2019-20825

An issue was discovered in Foxit PhantomPDF before 8.3.11. It has an out-of-bounds write when Internet Explorer is used...

CVE-2024-20825

The connected PT-2024-18732 entry provides concrete details for CVE-2024-20825: Galaxy Store prior to version 4.5.63.6 is affected by an implicit intent hijacking vulnerability in the In-App Purchase (IAP) component, enabling local attackers to access sensitive information via implicit intents. T...

CVE-2023-20825

creationtimestamp| type| source ---|---|--- 2023-09-04 07:16:20+00:00| seen| https://t.me/cibsecurity/69732...

CVE-2023-20825

In duraspeed, a missing permission check enables local information disclosure without extra execution privileges or user interaction. Affected component/feature is unspecified in the provided details, and the vulnerability is linked to patch ALPS07951402 (Issue ALPS07951413). Exploitation is desc...

CVE-2022-20825

creationtimestamp| type| source ---|---|--- 2022-06-20 14:30:04+00:00| seen| https://t.me/truesecator/3076 2022-06-20 14:54:31+00:00| seen| https://t.me/itsecnews/862 2022-06-20 16:58:27+00:00| exploited| https://t.me/SecLabNews/12313 2022-09-08 15:20:10+00:00| seen| https://t.me/truesecator/3392...

Critical Flaw in Cisco Secure Email and Web Manager Lets Attackers Bypass Authentication

Cisco on Wednesday rolled out fixes to address a critical security flaw affecting Email Security Appliance ESA and Secure Email and Web Manager that could be exploited by an unauthenticated, remote attacker to sidestep authentication. Assigned the CVE identifier CVE-2022-20798, the bypass...

CVE-2022-20825

The CVE-2022-20825 entry corresponds to Cisco Small Business RV110W/RV130/RV130W/RV215W routers. The vulnerability stems from insufficient input validation of incoming HTTP packets in the web-based management interface, enabling an unauthenticated, remote attacker to execute arbitrary code or cau...

CVE-2021-20825

Cross-site scripting vulnerability in List order management item change plug-in for EC-CUBE 3.0 series Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...

CVE-2021-20825

CVE-2021-20825 affects the EC-CUBE List (order management) item change plug-in for the 3.0 series, specifically Ver.1.1 and earlier. The vulnerability is a cross-site scripting (CWE-79) flaw in the plugin, enabling an arbitrary script to be executed in the administrator’s browser via unspecified ...

CVE-2019-20825

CVE-2019-20825 affects Foxit PhantomPDF before 8.3.11, with an out-of-bounds write when Internet Explorer is used. The issue is detailed across multiple sources (NVD, Red Hat, CNVD, CVE listings) as a high-severity vulnerability (CVSSv3.1: 9.8, NETWORK, LOW attack complexity, NONE privileges, no ...