QNAP Systems File Station 5 Null Pointer Dereference Vulnerability (CNVD-2025-20850)

QNAP Systems File Station 5威联通QNAP presents a file management application for browsing, uploading, downloading and managing files and folders stored on NAS devices, remote servers or external storage devices. A null pointer dereference vulnerability exists in QNAP Systems File Station 5, which ca...

CVE-2024-20850

Use of Implicit Intent for Sensitive Communication in Samsung Pay prior to version 5.4.99 allows local attackers to access information of Samsung Pay...

CVE-2024-20850

Use of Implicit Intent for Sensitive Communication in Samsung Pay prior to version 5.4.99 allows local attackers to access information of Samsung Pay...

CVE-2024-20850

Use of Implicit Intent for Sensitive Communication in Samsung Pay prior to version 5.4.99 allows local attackers to access information of Samsung Pay...

CVE-2024-20850

The CVE-2024-20850 entry concerns Samsung Pay on Samsung devices, where an implicit Intent for sensitive communication is used. This design flaw allows local attackers to access Samsung Pay information. Affected versions are prior to 5.4.99. The vulnerability’s impact is confined to confidentiali...

CVE-2024-20850

Use of Implicit Intent for Sensitive Communication in Samsung Pay prior to version 5.4.99 allows local attackers to access information of Samsung Pay...

CVE-2023-20850

creationtimestamp| type| source ---|---|--- 2023-09-04 07:16:17+00:00| seen| https://t.me/cibsecurity/69730...

CVE-2023-20850

The CVE concerns the imgsys_cmdq component in MediaTek chips, where an out-of-bounds write can occur due to missing valid range checking. This could permit local escalation of privilege with system execution privileges required, and user interaction is needed for exploitation. Documented impact i...

Amazon Linux 2 : libicu60 (ALAS-2023-2172)

The version of libicu60 installed on the remote host is prior to 60.3-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2172 advisory. International Components for Unicode ICU-20850 v66.1 was discovered to contain a use after free bug in the pkgcreateWithAssemblyCod...

CVE-2022-20850 Cisco SD-WAN Arbitrary File Deletion Vulnerability

A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit...

CVE-2022-20850

Cisco CVE-2022-20850 concerns the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software. The root cause is insufficient input validation, enabling an authenticated, local attacker to inject arbitrary file path information to delete arbitrary files from the device filesystem. I...

Cisco IOS XE Software SD WAN Arbitrary File Deletion (cisco-sa-arb-file-delete-VB2rVcQv)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the CLI of stand-alone Cisco IOS XE SD-WAN Software and Cisco SD-WAN Software could allow an authenticated, local attacker to delete arbitrary files from the file system of an affect...

Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2022-1226)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-20850

creationtimestamp| type| source ---|---|--- 2021-11-24 18:27:16+00:00| seen| https://t.me/cibsecurity/32959...

CVE-2021-20850

PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series End-of-Life, EOL allows a remote attacker to execute an arbitrary OS command via unspecified vectors...

CVE-2021-20850

PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series End-of-Life, EOL allows a remote attacker to execute an arbitrary OS command via unspecified vectors...

CVE-2021-20850

CVE-2021-20850 affects PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and earlier, and PowerCMS 2 Series (EOL). The vulnerability is an OS command injection through the PowerCMS XMLRPC API, allowing a remote attacker to execute arbitrary commands. The XMLRPC API usage (mt-xm...

CVE-2020-21913

International Components for Unicode ICU-20850 v66.1 was discovered to contain a use after free bug in the pkgcreateWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp...

Design/Logic Flaw

International Components for Unicode ICU-20850 v66.1 was discovered to contain a use after free bug in the pkgcreateWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp...

CVE-2020-21913

International Components for Unicode ICU-20850 v66.1 was discovered to contain a use after free bug in the pkgcreateWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp...