CVE-2017-18676

An issue was discovered on Samsung mobile devices with N7.0 Qualcomm chipsets software. There is an RKP kernel protection bypass in which unwanted memory mappings may occur because of a lack of MSR trapping. The Samsung ID is SVE-2016-7901 April 2017...

CVE-2017-18513

The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface...

CVE-2008-7311

The session cookie store implementation in Spree 0.2.0 uses a hardcoded config.actioncontrollersession hash value aka secret key, which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging an application that contains this value within the...

CVE-2008-6992

GreenSQL Firewall greensql-fw, possibly before 0.9.2 or 0.9.4, allows remote attackers to bypass the SQL injection protection mechanism via a WHERE clause containing an expression such as "x=y=z", which is successfully parsed by MySQL...

CVE-2019-18374

Symantec Critical System Protection CSP, versions 8.0, 8.0 HF1 & 8.0 MP1, may be susceptible to an authentication bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing authentication controls...

CVE-2019-18372

Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user...

CVE-2019-18782

SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 does not correctly implement the .htaccess protection mechanism...

CVE-2019-2113

In setup wizard there is a bypass of some checks when wifi connection is skipped. This could lead to factory reset protection bypass with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122597079...

CVE-2019-2298

Protection is missing while accessing md sessions info via macro which can lead to use-after-free in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...

CVE-2019-2183

In generateServicesMap of RegisteredServicesCache.java, there is a possible account protection bypass due to a caching optimization. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2019-11096

Insufficient memory protection for IntelR Ethernet I218 Adapter driver for Windows 10 before version 24.1 may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2019-11092

Insufficient password protection in the attestation database for Open CIT may allow an authenticated user to potentially enable information disclosure via local access...

CVE-2019-11464

Some enterprises require that REST API endpoints include security-related headers in REST responses. Headers such as X-Frame-Options and X-Content-Type-Options are generally advisable, however some information security professionals additionally look for X-Permitted-Cross-Domain-Policies and...

CVE-2019-20551

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 software. Attackers can bypass Factory Reset Protection FRP via a Class 0 Type Message. The Samsung ID is SVE-2019-14941 October 2019...

CVE-2019-20000

The malware scan function in BullGuard Premium Protection 20.0.371.8 has a TOCTOU issue that enables a symbolic link attack, allowing privileged files to be deleted...

CVE-2019-20543

An issue was discovered on Samsung mobile devices with P9.0 software. Attackers can bypass Factory Reset Protection FRP via SamsungPay mini. The Samsung ID is SVE-2019-15090 November 2019...

CVE-2019-20570

An issue was discovered on Samsung mobile devices with P9.0, O8.0, and N7.1 software. Attackers can bypass Factory Reset Protection FRP via Smart Switch. The Samsung ID is SVE-2019-15138 September 2019...

CVE-2019-20552

An issue was discovered on Samsung mobile devices with P9.0 software. Attackers can bypass Factory Reset Protection FRP via an RCS call. The Samsung ID is SVE-2019-15035 October 2019...

CVE-2019-20615

An issue was discovered on Samsung mobile devices with N7.x and O8.x software. Attackers can bypass Factory Reset Protection FRP via SVoice T&C.; The Samsung ID is SVE-2018-13547 March 2019...

CVE-2019-20569

An issue was discovered on Samsung mobile devices with P9.0 software. Attackers can bypass Factory Reset Protection FRP via the status bar. The Samsung ID is SVE-2019-15089 September 2019...