MAL-2025-20903 Malicious code in foxtrot-vwt-project (npm)

The package foxtrot-vwt-project was found to contain malicious code...

CVE-2023-20903

This disclosure regards a vulnerability related to UAA refresh tokens and external identity providers.Assuming that an external identity provider is linked to the UAA, a refresh token is issued to a client on behalf of a user from that identity provider, the administrator of the UAA deactivates t...

CVE-2018-20903

cPanel before 71.9980.37 allows self XSS in the WHM Backup Configuration interface SEC-421...

CVE-2025-20903

Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability...

CVE-2025-20903

creationtimestamp| type| source ---|---|--- 2025-03-08 04:34:09+00:00| seen| Telegram/XAIzYFYFcLbUvYnmEfvTBST5cPXD1RLrS1ekNLZsrnUNHLTp...

CVE-2025-20903

Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability...

CVE-2025-20903

CVE-2025-20903 describes an improper access control flaw in Samsung’s SecSettingsIntelligence prior to the SMR March-2025 Release 1. The issue allows local attackers to perform privileged activities, with user interaction required to trigger the vulnerability. The CVSS 3.1 vector indicates local ...

CVE-2025-20903

Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local attackers to launch privileged activities. User interaction is required for triggering this vulnerability...

SUSE CVE-2024-20903

unknown...

CVE-2024-20903

...

CVE-2024-20903

...

CVE-2024-20903

CVE-2024-20903 affects Oracle Database Server Java VM component. Affected versions are 19.3–19.21 and 21.3–21.12. The vulnerability allows a low-privileged attacker with Create Session and Create Procedure privileges and network access via Oracle Net to compromise the Java VM, potentially leading...

CVE-2024-20903

creationtimestamp| type| source ---|---|--- 2024-02-06 18:41:41+00:00| seen| https://t.me/ctinow/180228 2024-02-17 03:26:35+00:00| seen| https://t.me/ctinow/186741...

Oracle Database Server (January 2024 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2024 CPU advisory. - Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.21 and 21.3-21.12. Easi...

CVE-2023-20903

creationtimestamp| type| source ---|---|--- 2023-03-29 00:46:12+00:00| seen| https://t.me/cibsecurity/60966...

CVE-2023-20903

This disclosure regards a vulnerability related to UAA refresh tokens and external identity providers.Assuming that an external identity provider is linked to the UAA, a refresh token is issued to a client on behalf of a user from that identity provider, the administrator of the UAA deactivates t...

CVE-2022-20903

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...

CVE-2022-20903

Cisco Small Business RV110W/RV130/RV130W/RV215W routers are affected by multiple vulnerabilities in the web-based management interface. The root cause is insufficient validation of user fields within incoming HTTP packets, allowing an authenticated attacker with valid Administrator credentials to...

CVE-2019-20903

creationtimestamp| type| source ---|---|--- 2020-10-01 07:52:38+00:00| seen| https://t.me/cibsecurity/14977...

CVE-2019-20903

CVE-2019-20903 affects Atlassian Atlaskit Editor-Core. The vulnerability lies in the hyperlinks functionality, allowing a remote attacker to inject arbitrary HTML or JavaScript via link targets in before version 113.1.5. Affected component is the editor-core package; root cause centers on unsafe ...