CVE-2026-20839

creationtimestamp| type| source ---|---|--- 2026-01-13 18:01:16+00:00| seen| https://www.thezdi.com/blog/2026/1/13/the-january-2026-security-update-review 2026-01-13 18:16:30+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0007 2026-04-10 10:53:42+00:00| seen|...

CVE-2026-20839

Improper access control in Windows Client-Side Caching CSC Service allows an authorized attacker to disclose information locally...

CVE-2026-20839

CVE-2026-20839 : Improper access control in the Windows Client-Side Caching (CSC) Service may allow an authorized local attacker to disclose information. The CVSSv3.1 vector indicates a local attack with low complexity and low privileges required, but with high confidentiality impact (C:H, I:N, A...

CVE-2024-20839

Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers to access recording files on the lock screen...

CVE-2022-20839

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center FMC Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface of an affected device. These vulnerabilities are due t...

CVE-2021-20839

Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and earlier allows a remote unauthenticated attacker to conduct an XML External Entity XXE attack to cause a denial of service DoS condition to the other servers by processing a specially crafted XML document...

Linux Distros Unpatched Vulnerability : CVE-2018-20839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or usi...

Linux Distros Unpatched Vulnerability : CVE-2019-20839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename. CVE-2019-20839 Note that Nessus relies on the presence of...

CVE-2024-20839

creationtimestamp| type| source ---|---|--- 2024-03-05 06:22:30+00:00| seen| https://t.me/ctinow/199935 2024-03-05 06:27:17+00:00| seen| https://t.me/ctinow/199948...

CVE-2024-20839

Summary of CVE-2024-20839 : Samsung Voice Recorder suffers improper access control that allows access to recording files while on the lock screen. Affected versions are Samsung Voice Recorder prior to 21.5.16.01 on Android 12/13 and prior to 21.4.51.02 on Android 14. The root cause is failure to ...

CVE-2023-20839

creationtimestamp| type| source ---|---|--- 2023-09-04 07:16:11+00:00| seen| https://t.me/cibsecurity/69724...

CVE-2023-20839

CVE-2023-20839 affects the imgsys component. The root cause is an out-of-bounds read due to missing valid range checking, leading to local information disclosure with system execution privileges required and user interaction for exploitation. The vulnerability is documented across multiple source...

NewStart CGSL MAIN 6.02 : libvncserver Multiple Vulnerabilities (NS-SA-2022-0048)

The remote NewStart CGSL host, running version MAIN 6.02, has libvncserver packages installed that are affected by multiple vulnerabilities: - An issue was discovered in LibVNCServer before 0.9.13. There is an information leak of uninitialized memory contents in the libvncclient/rfbproto.c...

CVE-2021-20839

The CVE-2021-20839 entry concerns Antenna House Office Server Document Converter. Affects V7.2MR4 and earlier and V7.1MR7 and earlier. The flaw is an XML External Entity (XXE) vulnerability in processing specially crafted XML documents, enabling a remote unauthenticated attacker to cause a denial...

Multiple improper restriction of XML external entity reference (XXE) vulnerabilities in Office Server Document Converter

Overview Office Server Document Converter provided by Antenna House, Inc. contains multiple improper restriction of XML external entity reference XXE vulnerabilities listed below. Improper restriction of XML external entity reference XXE CWE-611 - CVE-2021-20838 Resource exhaustion in the PDF...

libvncserver security update

0.9.11-17 - Fix CVE-2020-25708 Resolves: 1898078 0.9.11-16 - Fix CVE-2019-20839 Resolves: 1851032 - Fix CVE-2018-21247 Resolves: 1852516 - Fix CVE-2020-14405 Resolves: 1860527 - Fix CVE-2020-14397 Resolves: 1861152...

CentOS 8 : libvncserver (CESA-2021:1811)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:1811 advisory. - libvncserver: uninitialized memory contents are vulnerable to Information Leak CVE-2018-21247 - libvncserver: buffer overflow in...

ALSA-2021:1811 Moderate: libvncserver security update

LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fixes: libvncserver: uninitialized memory contents are vulnerable to Information Leak CVE-2018-21247 libvncserver: buffer overflow in ConnectClientToUnixSock CVE-2019-20839 libvncserver:...

Huawei EulerOS: Security Advisory for libvncserver (EulerOS-SA-2020-2362)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : LibVNCServer vulnerabilities (USN-4434-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4434-1 advisory. Ramin Farajpour Cami discovered that LibVNCServer incorrectly handled certain malformed unix socket names. A remote attacker coul...