CVE-2026-20904

creationtimestamp| type| source ---|---|--- 2026-01-22 23:13:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md2csx3cvu2i 2026-01-24 21:22:15+00:00| seen| https://gist.github.com/alon710/ae468b15fdd82ad5a6ec81973cecdb91...

CVE-2018-20904

cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction SEC-427...

CVE-2023-20904

creationtimestamp| type| source ---|---|--- 2025-04-03 20:36:07+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10356...

CVE-2025-20904

creationtimestamp| type| source ---|---|--- 2025-02-04 07:29:01+00:00| seen| https://infosec.exchange/users/cve/statuses/113944437768898733 2025-02-04 08:16:59+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdmkzraad2t 2025-02-04 10:32:26+00:00| seen|...

CVE-2025-20904

Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption...

CVE-2025-20904

Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption...

CVE-2024-20904

creationtimestamp| type| source ---|---|--- 2024-02-09 14:27:13+00:00| seen| https://t.me/ctinow/182035...

CVE-2024-20904

...

CVE-2024-20904

...

CVE-2024-20904

CVE-2024-20904 affects Oracle Business Intelligence Enterprise Edition (pod Admin) versions 6.4.0.0.0 and 12.2.1.4.0. The issue arises from insufficient input validation in the Pod Admin component, allowing a low-privileged attacker with network access via HTTP to read a subset of data. Attacks m...

CVE-2023-20904

In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2023-20904

The CVE-2023-20904 issue is in Android SettingsActivity.getTrampolineIntent, where an Intent mismatch can launch an arbitrary activity. This could enable local privilege escalation without extra privileges or user interaction. Affected: Android-12L and Android-13. According to Android security bu...

CVE-2023-20904

In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2023-20904

In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-20904

The CVE-2022-20904 entry concerns Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers. The cited vulnerabilities stem from insufficient validation of user fields in HTTP requests to the devices’ web-based management interface, enabling an authenticated remote attacker to execute arbitr...

CVE-2018-20904

CVE-2018-20904 affects cPanel before 71.9980.37, where API calls can bypass the cron feature restriction (SEC-427). The issue is triggered by improper authorization/validation in API handling, enabling potential unauthorized cron-related actions. Remediation: upgrade to cPanel 71.9980.37 or later...

libxml2 Stack Buffer Overflow Vulnerability

libxml2 is the GNOME project team developed a C-based library for parsing XML documents, which supports multiple encoding formats, Xpath parsing, Well-formed and valid validation. A stack buffer overflow vulnerability exists in version libxml2 20904-GITv2.9.4-16-g0741801. An attacker can exploit...

libxml2 Buffer Overflow Vulnerability

libxml2 is the GNOME project team developed a C-based library for parsing XML documents, which supports multiple encoding formats, Xpath parsing, Well-formed and valid validation. A buffer overflow vulnerability exists in version libxml2 20904-GITv2.9.4-16-g0741801. An attacker can exploit this...