23 matches found
CVE-2026-20915
creationtimestamp| type| source ---|---|--- 2026-03-31 17:24:40+00:00| published-proof-of-concept| Telegram/Ig1ee0N1HBlXVPi52hAEKt2Zoza8gFtrDIgi8zasU7Bxz8...
CVE-2019-20915
An issue was discovered in GNU LibreDWG through 0.9.3. Crafted input will lead to a heap-based buffer over-read in bitwriteTF in bits.c...
CVE-2020-20915
SQL Injection vulnerability found in PublicCMS v.4.0 allows a remote attacker to execute arbitrary code via sql parameter of the the SysSiteAdminControl...
CVE-2018-20915
cPanel before 70.0.23 allows stored XSS via a WHM Edit DNS Zone action SEC-369...
CVE-2025-20915
Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory...
CVE-2020-20915
creationtimestamp| type| source ---|---|--- 2025-02-14 21:09:17+00:00| seen| Telegram/x-i9xua5YbU4R9gJE79jU9TQYuiNsh01yNqF44VniKSjtm...
fence-agents security and bug fix update
4.2.1-129 - bundled urllib3: fix CVE-2023-45803 Resolves: RHEL-18132 - bundled pycryptodome: fix CVE-2023-52323 Resolves: RHEL-20915 - bundled jinja2: fix CVE-2024-22195 Resolves: RHEL-22174 4.2.1-127 - fencescsi: fix registration handling if ISID conflicts Resolves: RHEL-5397 - fencezvmip:...
CVE-2024-20915
...
CVE-2024-20915
CVE-2024-20915 affects Oracle E-Business Suite’s Oracle Application Object Library (AOL), Login - SSO component. Affected: AOL in E-Business Suite versions 12.2.3–12.2.13. Issue: insufficient input validation in the Login - SSO path allows an unauthenticated, network-accessible attacker (via HTTP...
CVE-2024-20915
...
CVE-2024-20915
creationtimestamp| type| source ---|---|--- 2024-02-08 08:41:20+00:00| seen| https://t.me/ctinow/181228 2024-02-17 03:26:44+00:00| seen| https://t.me/ctinow/186747...
CVE-2020-20915
SQL Injection vulnerability found in PublicCMS v.4.0 allows a remote attacker to execute arbitrary code via sql parameter of the the SysSiteAdminControl...
CVE-2020-20915
SQL Injection vulnerability found in PublicCMS v.4.0 allows a remote attacker to execute arbitrary code via sql parameter of the the SysSiteAdminControl...
CVE-2020-20915
SQL Injection vulnerability found in PublicCMS v.4.0 allows a remote attacker to execute arbitrary code via sql parameter of the the SysSiteAdminControl...
CVE-2020-20915
PublicCMS v4.0 is affected by an SQL injection in the SysSiteAdminControl via the sql parameter, which can lead to remote arbitrary code execution. The vulnerability is confirmed across multiple sources (NVD/Red Hat/CNNVD/etc.) with a high impact. Public details indicate that upgrading to a versi...
CVE-2023-20915
In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a phone account without user interaction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...
CVE-2023-20915
CVE-2023-20915 concerns a logic error in PhoneAccountRegistrar.java (Android framework) that can allow enabling a phone account without user interaction. The issue enables local escalation of privilege with no additional execution privileges, impacting Android 10–13 per the CVE record. The proble...
CVE-2022-20915
CVE-2022-20915 affects Cisco IOS XE Software implementing IPv6 VPN over MPLS 6VPE with Zone-Based Firewall (ZBFW). A crafted IPv6 packet forwarded from an IPv6-enabled VRF interface can cause the device to reload, producing a DoS. The issue arises from improper error handling of such packets on M...
CVE-2019-20915
creationtimestamp| type| source ---|---|--- 2020-07-16 22:55:32+00:00| seen| https://t.me/cibsecurity/13511...
CVE-2019-20915
CVE-2019-20915 affects GNU LibreDWG up to version 0.9.3. A crafted input triggers a heap-based buffer over-read in bit_write_TF within bits.c, as described across multiple connected documents. Impact details in sources vary, but CVSS data from NVD indicates high impact under network attack with p...