CVE-2020-10851

An issue was discovered on Samsung mobile devices with P9.0 and Q10.0 software. There is a stack overflow in the kperfmon driver. The Samsung ID is SVE-2019-15876 January 2020...

CVE-2020-10853

An issue was discovered on Samsung mobile devices with P9.0 software. Gallery leaks cached data. The Samsung IDs are SVE-2019-16010, SVE-2019-16011, SVE-2019-16012 January 2020...

Oracle Siebel Server < 19.11 (January 2020 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2020 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: EAI jackson-databind. Supported versions that are affected are...

Oracle Siebel Server <= 19.7 (January 2020 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the January 2020 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: UIF Open UI. Supported versions that are affected are 19.7 and prior...

Oracle Siebel Server <= 19.8 (January 2020 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the January 2020 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: EAI jackson-databind. Supported versions that are affected are 19.10 an...

Security Bulletin: A vulnerability may affect IBM® SDK, Java™ Technology Edition used in Liberty for Java for IBM Cloud (CVE-2020-2590)

Summary CVE-2020-2590 was disclosed in the Oracle January 2020 Critical Patch Update. Vulnerability Details CVEID:CVE-2020-2590 DESCRIPTION: An unspecified vulnerability in Java SE related to the Java SE Security component could allow an unauthenticated attacker to cause no confidentiality impact...

Security Updates for Microsoft Excel Products C2R (January 2020)

The Microsoft Excel Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the...

Xiaomi 10 安全漏洞

Xiaomi 10 is a smartphone from Chinese company Xiaomi. The Xiaomi 10 MIUI version prior to 2020.01.15 suffers from an information disclosure vulnerability that stems from the fact that the mobile app can read the SNO information of the device. No details of the vulnerability are currently availab...

Security Bulletin: Security Vulnerabilities in IBM® Java SDK Oct 2019 and Jan 2020 CPU affect multiple IBM Continuous Engineering products based on IBM Jazz Technology

Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition from October and January CPU and the CVE-2020-2654 deferred from Oracle Jan 2020 CPU that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Manageme...

Oracle WebLogic Server BadAttributeValueExpException deserialization

Added: 05/27/2020 CVE: CVE-2020-2555 Background Oracle WebLogic Server formerly BEA WebLogic Server is a Java web application platform. Problem A Java object deserialization vulnerability in WebLogic allows unauthenticated remote code execution by sending a serialized BadAttributeValueExpExceptio...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in October 2019 and January 2020. Vulnerability Details CVEID: CVE-2020-2593...

CVE-2020-10855

An issue was discovered on Samsung mobile devices with P9.0 software. Attackers can bypass Factory Reset Protection FRP via AppTray. The Samsung ID is SVE-2019-16192 January 2020...

CVE-2020-10849

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos7885, Exynos8895, and Exynos9810 chipsets software. The Gatekeeper trustlet allows a brute-force attack on the screen lock password. The Samsung ID is SVE-2019-14575 January 2020...

CVE-2020-10850

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos chipsets software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 January 2020...

CVE-2020-10849

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos7885, Exynos8895, and Exynos9810 chipsets software. The Gatekeeper trustlet allows a brute-force attack on the screen lock password. The Samsung ID is SVE-2019-14575 January 2020...

Information disclosure

An issue was discovered on Samsung mobile devices with P9.0 software. Gallery leaks cached data. The Samsung IDs are SVE-2019-16010, SVE-2019-16011, SVE-2019-16012 January 2020...

CVE-2020-10852

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. There is a stack overflow in display driver. The Samsung ID is SVE-2019-15877 January 2020...

CVE-2020-10849

An issue was discovered on Samsung mobile devices with O8.x, P9.0, and Q10.0 Exynos7885, Exynos8895, and Exynos9810 chipsets software. The Gatekeeper trustlet allows a brute-force attack on the screen lock password. The Samsung ID is SVE-2019-14575 January 2020...

Security Bulletin: Multiple security vulnerabilities has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI - January 2020 CPU

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. These issues were disclosed as part of the IBM Java SDK updates in January 2020. Vulnerability...

Strong Testimonials < 2.40.1 - Stored Cross Site Scripting (XSS)

Multiple stored XSS vulnerabilities found in popular WordPress testimonial plugin, Strong Testimonials. First reported to the Strong Testimonials team on 23rd January 2020...