25 matches found
CVE-2026-20989
Improper verification of cryptographic signature in Font Settings prior to SMR Mar-2026 Release 1 allows physical attackers to use custom font...
Linux Distros Unpatched Vulnerability: CVE-2018-20989
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic. CVE-2018-20989 Note that Nessus...
CVE-2025-20989
Improper logging in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a hmac_key...
CVE-2025-20989
CVE-2025-20989 describes improper logging in the fingerprint trustlet prior to Samsung SMR May-2025 Release 1, enabling local privileged attackers to obtain the hmac_key. Affected component: fingerprint trustlet on Samsung devices using the SMR May-2025 Release 1 or earlier. Underlying issue: ins...
CVE-2024-20989
Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony POS). Supported versions that are affected are 19.1.0-19.5.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2024-20989
Oracle Hospitality Simphony (Simphony POS) is affected in versions 19.1.0–19.5.4 due to insufficient input validation in the POS component. The vulnerability allows a remote, unauthenticated attacker with network access (HTTP) to modify, add, or delete data and potentially gain unauthorized acces...
CVE-2023-20989
creationtimestamp| type| source
---|---|---
2023-03-24 23:50:39+00:00| seen| https://t.me/cibsecurity/60700
2025-02-25 21:27:54+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5390...
CVE-2023-20989
In btm_ble_write_adv_enable_complete of btm_ble_gap.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13 Andro...
CVE-2023-20989
CVE-2023-20989 is a vulnerability in the Android Bluetooth stack. In the function btm_ble_write_adv_enable_complete within btm_ble_gap.cc, there is an out-of-bounds read due to a missing bounds check. This can lead to local information disclosure and may require System privileges for exploitatio...
CVE-2020-20989
A cross-site request forgery (CSRF) in /admin/maintenance/ of Domainmod 4.13 allows attackers to arbitrarily delete logs...
CVE-2020-20989
Domainmod 4.13 is affected by a CSRF in /admin/maintenance/ that, per multiple sources (NVD, Red Hat, CNVD, OSV), allows an attacker to arbitrarily delete logs. The root cause is insufficient verification that requests originate from a trusted user. There is no published remediation detail ...
CVE-2021-20989
creationtimestamp| type| source
---|---|---
2021-04-23 11:02:04+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3192...
CVE-2021-20989
Summary: CVE-2021-20989 affects Fibaro Home Center 2 and Lite devices running firmware 4.600 or older. The root cause is that these devices initiate SSH connections to the Fibaro cloud with SSH host key verification disabled, enabling a man-in-the-middle (MITM) scenario via DNS spoofing and a dev...
CVE-2021-20989 Fibaro Home Center Insufficient remote access server authorization
Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older initiate SSH connections to the Fibaro cloud to provide remote access and remote support capabilities. This connection can be intercepted using a DNS spoofing attack and a device initiated remote port-forward channel can be...