Skip to main content
CVE-2020-0309 MEDIUM This Month

In the Bluetooth server, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Integer Overflow Android
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2020-8200 MEDIUM This Month

Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Citrix Microsoft Authentication Bypass Storefront Server
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2020-9084 MEDIUM This Month

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a use-after-free (UAF) vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Memory Corruption Information Disclosure Taurus An00B Firmware
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2020-16200 MEDIUM This Month

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not properly control the allocation and maintenance of a limited resource, thereby enabling an attacker to influence the. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Clinical Collaboration Platform
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-24623 MEDIUM This Month

A potential security vulnerability has been identified in Hewlett Packard Enterprise Universal API Framework. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

HP SQLi Microsoft VMware Universal Api Framework
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-7358 MEDIUM This Month

In AppSpider installer versions prior to 7.2.126, the AppSpider installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Appspider
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2020-15773 MEDIUM This Month

An issue was discovered in Gradle Enterprise before 2020.2.4. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Enterprise
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2020-5629 MEDIUM This Month

UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via a malicious App created by the third party. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Uniqlo
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-5628 MEDIUM This Month

UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via the vulnerable App. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Uniqlo
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-0268 MEDIUM This Month

In NFC, there is a possible use-after-free due to a race condition. Rated medium severity (CVSS 6.4). No vendor patch available.

Google Race Condition Privilege Escalation Android
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2020-16198 MEDIUM This Month

When an attacker claims to have a given identity, Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not prove or insufficiently proves the claim is correct. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Clinical Collaboration Platform
NVD
CVSS 3.1
6.3
EPSS
0.6%
CVE-2020-8245 MEDIUM This Month

Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Citrix Application Delivery Controller Firmware Gateway Netscaler Gateway
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-15769 MEDIUM This Month

An issue was discovered in Gradle Enterprise 2020.2 - 2020.2.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Enterprise
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-5606 MEDIUM This Month

Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Airstation Whr G54S Firmware
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-25735 MEDIUM This Month

webTareas through 2.1 allows XSS in clients/editclient.php, extensions/addextension.php, administration/add_announcement.php, administration/departments.php, administration/locations.php,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS PHP Webtareas
NVD
CVSS 3.1
6.1
EPSS
1.4%
CVE-2020-14390 MEDIUM This Month

A flaw was found in the Linux kernel in versions before 5.9-rc6. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Privilege Escalation Linux Memory Corruption +2
NVD
CVSS 3.1
5.6
EPSS
0.3%
CVE-2020-7945 MEDIUM This Month

Local registry credentials were included directly in the CD4PE deployment definition, which could expose these credentials to users who should not have access to them. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Continuous Delivery
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-0365 MEDIUM This Month

In netd, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Denial Of Service Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0331 MEDIUM This Month

In Settings, there is a possible permissions bypass. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0327 MEDIUM This Month

In core networking, there is a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0316 MEDIUM This Month

In Telephony, there is a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0315 MEDIUM This Month

In Zen Mode, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0313 MEDIUM This Month

In NotificationManagerService, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0311 MEDIUM This Month

In InputManagerService, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0310 MEDIUM This Month

In Settings, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0307 MEDIUM This Month

In Settings, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0304 MEDIUM This Month

In Settings, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0302 MEDIUM This Month

In Settings, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0295 MEDIUM This Month

In Telecom, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0294 MEDIUM This Month

In bindWallpaperComponentLocked of WallpaperManagerService.java, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-0285 MEDIUM This Month

In Telephony, there is a possible permission bypass due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0284 MEDIUM This Month

In Telephony, there is a possible permission bypass due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0276 MEDIUM This Month

In Telephony, there is a possible permission bypass due to a missing permission check. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0269 MEDIUM This Month

In Android Auto Settings, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0265 MEDIUM This Month

In Telephony, there are possible leaks of sensitive data due to missing permission checks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0263 MEDIUM This Month

In the Accessibility service, there is a possible permission bypass due to an unsafe PendingIntent. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-0318 MEDIUM This Month

In the System UI, there is a possible system crash due to an uncaught exception. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Google Denial Of Service Android
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2020-15770 MEDIUM This Month

An issue was discovered in Gradle Enterprise 2018.5. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Enterprise
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-25633 MEDIUM PATCH This Month

A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Resteasy Quarkus
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2020-15767 MEDIUM This Month

An issue was discovered in Gradle Enterprise before 2020.2.5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

CSRF Enterprise
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2020-25734 MEDIUM This Month

webTareas through 2.1 allows files/Default/ Directory Listing. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Webtareas
NVD
CVSS 3.1
5.3
EPSS
2.1%
CVE-2020-0348 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2020-15772 MEDIUM This Month

An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF XXE Enterprise
NVD GitHub
CVSS 3.1
4.9
EPSS
1.2%
CVE-2020-0282 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.5
EPSS
0.6%
CVE-2020-0281 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.5
EPSS
0.6%
CVE-2020-0349 MEDIUM This Month

In NFC, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2020-0325 MEDIUM This Month

In NFC, there is a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2020-0292 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2020-0291 MEDIUM This Month

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2020-0272 MEDIUM This Month

In libhwbinder, there is a possible information disclosure due to uninitialized data. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Android
NVD
CVSS 3.1
4.4
EPSS
0.1%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy