TencentOS Server 4: LibRaw (TSSA-2026:0413)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0413 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Important: LibRaw

Issue Overview: An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. CVE-2026-20884 A heap-based buffer overflow...

Fedora 42 : mingw-LibRaw (2026-826db1b5c0)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-826db1b5c0 advisory. Backport patch for CVE-2026-20884. ---- Backport fixes for CVE-2026-20889 CVE-2026-21413 CVE-2026-24450 CVE-2026-24660 ---- Update to libraw-0.21.5...

Linux Distros Unpatched Vulnerability : CVE-2026-20884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw Commit 8dc68e2. A specially crafted malicious file can lead to a heap...

CVE-2026-20884

creationtimestamp| type| source ---|---|--- 2026-04-07 14:30:34+00:00| seen| https://infosec.place/objects/42dbf6e7-c4bd-4f56-9d41-4a7d96bb33dd 2026-04-07 16:07:27+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3miw5wywaau2r 2026-04-07 17:28:45+00:00|...

CVE-2019-20884

An issue was discovered in Mattermost Server before 5.8.0. It allows attackers to partially attach a file to more than one post...

CVE-2024-20884

Incorrect use of privileged API vulnerability in getSemBatteryUsageStats in BatteryStatsService prior to SMR Jun-2024 Release 1 allows local attackers to use privileged API...

CVE-2025-20884

Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles...

CVE-2025-20884

Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles...

CVE-2025-20884

Improper access control in Samsung Message prior to SMR Jan-2025 Release 1 allows physical attackers to access data across multiple user profiles...

CVE-2025-20884

CVE-2025-20884: Samsung Message contains an improper access control flaw that could allow a person with physical access to a device to access data across multiple user profiles. Affected: Samsung Message prior to SMR Jan-2025 Release 1. Root cause: inadequate access control between user profiles....

CVE-2024-20884

CVE-2024-20884 affects the getSemBatteryUsageStats function in BatteryStatsService. The issue is described as an incorrect use of a privileged API that could allow a local attacker to access privileged API calls. The vulnerability is associated with Samsung/Mobile platforms and is tied to the SMR...

CVE-2023-20884

CVE-2023-20884 affects VMware Workspace ONE Access and VMware Identity Manager. The issue is an insecure redirect caused by improper path handling that could allow an unauthenticated attacker to redirect victims to attacker-controlled domains, potentially disclosing sensitive information. VMware ...

VMSA-2023-0011:VMware Workspace ONE Access and Identity Manager update addresses an Insecure Redirect Vulnerability.

Advisory ID: VMSA-2023-0011 CVSSv3 Range: 6.1 Issue Date:2023-05-30 Updated On: 2023-05-30 Initial Advisory CVEs: CVE-2023-20884 Synopsis: VMware Workspace ONE Access and Identity Manager update addresses an Insecure Redirect Vulnerability. CVE-2023-20884 RSS Feed Download PDF Download Text File...

CVE-2022-20884

creationtimestamp| type| source ---|---|--- 2022-07-21 16:19:39+00:00| seen| https://t.me/cibsecurity/46744...

CVE-2022-20884

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

CVE-2022-20884

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers are affected by multiple vulnerabilities in the web-based management interface due to insufficient validation of user fields in HTTP packets. An authenticated attacker with admin credentials could exploit crafted requests to execute a...

CVE-2022-20884 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

CVE-2019-20884

An issue was discovered in Mattermost Server before 5.8.0. It allows attackers to partially attach a file to more than one post...

CVE-2019-20884

Mattermost Server prior to 5.8.0 has a vulnerability that allows attackers to partially attach a file to more than one post. The connected documents confirm the issue and the affected version range, but no concrete root-cause, exploit details, or mitigation steps are provided in the texts. Remedi...