CVE-2020-20913

SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote attacker to execute arbitrary code via basictitle parameter...

CVE-2018-20913

cPanel before 70.0.23 allows attackers to read the root accesshash via the WHM /cgi/trustclustermaster.cgi SEC-364...

CVE-2025-20913

creationtimestamp| type| source ---|---|--- 2025-03-06 07:09:31+00:00| seen| https://t.me/cvedetector/19685...

CVE-2025-20913

Samsung Notes vulnerable to an out-of-bounds read when applying binary drawing content prior to version 4.4.26.71. The issue affects the Notes binary’s drawing-content handling and can allow memory reads beyond bounds. PT-2025-9884 confirms affected versions up to 4.4.26.71; Samsung’s advisory in...

CVE-2020-20913

creationtimestamp| type| source ---|---|--- 2025-02-14 19:16:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/4481...

CVE-2024-20913

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: BI Platform Security. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2024-20913

Oracle BI Enterprise Edition (OBIEE) 12.2.1.4.0 is affected by a vulnerability in the BI Platform Security component due to insufficient input validation. An attacker with network access via HTTP and low privileges, requiring user interaction, can compromise data confidentiality and integrity—una...

CVE-2024-20913

...

CVE-2024-20913

...

CVE-2024-20913

creationtimestamp| type| source ---|---|--- 2024-02-09 14:27:12+00:00| seen| https://t.me/ctinow/182034 2024-02-17 03:26:43+00:00| seen| https://t.me/ctinow/186746...

Oracle Business Intelligence Enterprise Edition (January 2024 CPU)

The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2024 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of...

CVE-2020-20913

CVE-2020-20913 describes a SQL Injection in Ming-Soft MCMS v4.7.2 where the basic_title parameter can be manipulated to run arbitrary SQL, potentially enabling remote code execution. The underlying issue is insufficient input validation of the basic_title parameter, allowing attacker-controlled S...

CVE-2020-20913

SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote attacker to execute arbitrary code via basictitle parameter...

CVE-2020-20913

SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote attacker to execute arbitrary code via basictitle parameter...

CVE-2023-20913

creationtimestamp| type| source ---|---|--- 2023-01-27 00:33:55+00:00| seen| https://t.me/cibsecurity/56943...

CVE-2023-20913

CVE-2023-20913 affects Android 10–13; a tapjacking/overlay issue in PhoneAccountSettingsActivity could enable local elevation of privilege by tricking the user into enabling a malicious phone account. The Android Security Bulletin lists this issue under the 2023-01-01 and 2023-01-05 patch levels;...

CVE-2023-20913

In onCreate of PhoneAccountSettingsActivity.java and related files, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is...

CVE-2019-20913

creationtimestamp| type| source ---|---|--- 2020-07-16 22:55:34+00:00| seen| https://t.me/cibsecurity/13513...

CVE-2019-20913

CVE-2019-20913 affects GNU LibreDWG up to version 0.9.3. The issue is a heap-based buffer over-read in the function dwg_encode_entity within common_entity_data.spec, triggered by crafted input. Impact is described as a heap-based over-read; no additional exploit details or remediation are provide...

CVE-2018-20913

CVE-2018-20913 affects cPanel before 70.0.23. The vulnerability allows an attacker to read the root accesshash via the WHM path /cgi/trustclustermaster.cgi (SEC-364). The available sources describe the vulnerability as an information disclosure condition impacting the root accesshash, with no pub...