Show filters
26 Total Results
Displaying 21-26 of 26
Sort by:
Attacker Value
Unknown
CVE-2020-5753
Disclosure Date: May 20, 2020 (last updated February 21, 2025)
Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined.
0
Attacker Value
Unknown
CVE-2020-3885
Disclosure Date: April 01, 2020 (last updated February 21, 2025)
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A file URL may be incorrectly processed.
0
Attacker Value
Unknown
CVE-2019-19324
Disclosure Date: March 20, 2020 (last updated February 21, 2025)
Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms to alg=none, which sometimes leads to untrusted accidental JWT acceptance.
0
Attacker Value
Unknown
CVE-2020-9425
Disclosure Date: March 20, 2020 (last updated February 21, 2025)
An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated attacker can retrieve saved cleartext credentials via a GET request to settings.php. Because the application was not exiting after a redirect is applied, the rest of the page still executed, resulting in the disclosure of cleartext credentials in the response.
0
Attacker Value
Unknown
CVE-2019-20430
Disclosure Date: January 27, 2020 (last updated February 21, 2025)
In the Lustre file system before 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eadatasize field) due to the lack of validation for specific fields of packets sent by a client.
0
Attacker Value
Unknown
CVE-2014-2686
Disclosure Date: January 09, 2020 (last updated February 21, 2025)
Ansible prior to 1.5.4 mishandles the evaluation of some strings.
0