Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2020-06-11 CVE-2020-0202 Missing Authorization vulnerability in Google Android 11.0
In onHandleIntent of TraceService.java, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check.
local
low complexity
google CWE-862
7.8
2020-06-11 CVE-2020-0201 Improper Privilege Management vulnerability in Google Android 10.0
In showSecurityFields of WifiConfigController.java there is a possible credential leak due to a confused deputy.
network
low complexity
google CWE-269
7.5
2020-06-11 CVE-2020-0198 Integer Overflow or Wraparound vulnerability in multiple products
In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow.
7.5
2020-06-11 CVE-2020-0181 Integer Overflow or Wraparound vulnerability in multiple products
In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow.
network
low complexity
google fedoraproject libexif-project CWE-190
7.5
2020-06-11 CVE-2020-0165 Out-of-bounds Write vulnerability in Google Android 10.0
In phNxpNciHal_NfcDep_cmd_ext of phNxpNciHal_NfcDepSWPrio.cc, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.2
2020-06-11 CVE-2020-6090 Insufficient Verification of Data Authenticity vulnerability in Wago Pfc200 Firmware 03.03.10(15)
An exploitable code execution vulnerability exists in the Web-Based Management (WBM) functionality of WAGO PFC 200 03.03.10(15).
network
low complexity
wago CWE-345
7.2
2020-06-11 CVE-2020-4101 Server-Side Request Forgery (SSRF) vulnerability in Hcltech HCL Digital Experience 8.5/9.0/9.5
"HCL Digital Experience is susceptible to Server Side Request Forgery."
network
low complexity
hcltech CWE-918
7.5
2020-06-10 CVE-2020-13901 Out-of-bounds Write vulnerability in Meetecho Janus
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0.
network
low complexity
meetecho CWE-787
7.5
2020-06-10 CVE-2020-5363 Unspecified vulnerability in Dell products
Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin password to be changed through Dell's manageability interface without knowledge of the current BIOS Admin password.
local
low complexity
dell
7.2
2020-06-10 CVE-2020-4043 Deserialization of Untrusted Data vulnerability in PHPmussel Project PHPmussel
phpMussel from versions 1.0.0 and less than 1.6.0 has an unserialization vulnerability in PHP's phar wrapper.
network
low complexity
phpmussel-project CWE-502
7.5