CVE-2026-20975

Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path...

CVE-2026-20975

creationtimestamp| type| source ---|---|--- 2026-01-09 08:47:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mby4dwjlig22...

CVE-2026-20975

CVE-2026-20975 affects Samsung Cloud prior to version 5.6.11. The vulnerability arises from improper handling of insufficient permissions, enabling local attackers to access specific files in arbitrary paths. Evidence across multiple feeds confirms the affected software and impact; exploitation s...

CVE-2025-20975

creationtimestamp| type| source ---|---|--- 2025-05-07 13:09:06+00:00| seen| https://t.me/cvedetector/24690...

CVE-2025-20975

Improper Export of Android Application Components in AODService prior to version 8.8.28.12 allows local attackers to launch arbitrary activity with systemui privilege...

CVE-2024-20975 vulnerabilities

Vulnerabilities for packages: mysql...

CVE-2024-20975

Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash complete DOS of MySQL Server...

Oracle MySQL Server 8.1.x <= 8.2.0 Security Update (cpujan2024) - Linux

Oracle MySQL Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2024-20975

...

CVE-2024-20975

CVE-2024-20975 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL Server versions 8.2.0 and earlier. Exploitation by a low-privileged attacker with network access via multiple protocols can cause a hang or repeated crash (DoS). CVSS 3.1 base score 6.5, Availability impact. The conne...

CVE-2023-20975

creationtimestamp| type| source ---|---|--- 2023-03-24 23:47:46+00:00| seen| https://t.me/cibsecurity/60687...

CVE-2023-20975

In getAvailabilityStatus of EnableContentCapturePreferenceController.java, there is a possible way to bypass DISALLOWCONTENTCAPTURE due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-20975

CVE-2023-20975 affects Android 13 via a permissions bypass in getAvailabilityStatus of EnableContentCapturePreferenceController.java, enabling a local privilege escalation with no user interaction. Affected vector is not exploitation details in the provided docs, but multiple sources note a DISAL...

CVE-2020-20975

creationtimestamp| type| source ---|---|--- 2021-08-12 18:39:49+00:00| seen| https://t.me/cibsecurity/27226...

CVE-2020-20975

In \lib\admin\action\dataaction.class.php in Gxlcms v1.1, SQL Injection exists via the $filename parameter...

CVE-2020-20975

The CVE-2020-20975 entry relates to Gxlcms v1.1, where a SQL Injection flaw exists in the file lib/admin/action/dataaction.class.php via the $filename parameter. Multiple connected records confirm the affected component and root cause: untrusted input in the dataaction class leads to SQL injectio...

CVE-2018-20975

Fat Free CRM before 0.18.1 is vulnerable to Cross‑Site Scripting via the tags_helper.rb logic in app/helpers/tags_helper.rb. The root cause is lack of proper escaping of user-supplied input (notably the query parameter), enabling injection of arbitrary script. Public references (Veracode entry) d...