CVE-2020-0496

In CPDF_RenderStatus::LoadSMask of cpdf_renderstatus.cpp, there is a possible memory corruption due to a use-after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-149481220

Publication date: Tue, 15 Dec 2020 22:15:00 +0000

Cyber News related to CVE-2020-0496

CVE-2020-0496 - In CPDF_RenderStatus::LoadSMask of cpdf_renderstatus.cpp, there is a possible memory corruption due to a use-after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed ...
3 years ago

CVE-2004-0496 - Multiple unknown vulnerabilities in Linux kernel 2.6 allow local users to gain privileges or access kernel memory, a different set of vulnerabilities than those identified in CVE-2004-0495, as found by the Sparse source code checking tool. ...
6 years ago

CVE-2002-0496 - The HTTP server for SouthWest Talker server 1.0.0 allows remote attackers to cause a denial of service (server crash) via a malformed URL to port 5002. ...
16 years ago

CVE-2016-0496 - Unspecified vulnerability in the MICROS CWDirect component in Oracle Retail Applications 12.5, 13.0, 14.0, 15.0, 16.0, 17.0, and 18.0 allows remote attackers to affect confidentiality via unknown vectors related to Order Entry. ...
8 years ago

CVE-2015-0496 - Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote authenticated users to affect confidentiality via vectors related to PIA Search Functionality. ...
8 years ago

CVE-2005-0496 - Arkeia Network Backup Client 5.x contains hard-coded credentials that effectively serve as a back door, which allows remote attackers to access the file system and possibly execute arbitrary commands. ...
11 months ago

CVE-2006-0496 - Cross-site scripting (XSS) vulnerability in Mozilla 1.7.12 and possibly earlier, Mozilla Firefox 1.0.7 and possibly earlier, and Netscape 8.1 and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the -moz-binding ...
7 years ago

CVE-2010-0496 - FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for iPod touch, allows remote attackers to cause a denial of service (daemon crash) via a HEAD request for the / URI. ...
7 years ago

CVE-2011-0496 - Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to ...
7 years ago

CVE-2007-0496 - PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the g_strRootDir parameter. ...
7 years ago

CVE-2001-0496 - kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges. ...
7 years ago

CVE-1999-0496 - A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin. ...
6 years ago

CVE-2008-0496 - Cross-site scripting (XSS) vulnerability in index.php in AmpJuke 0.7.0 allows remote attackers to inject arbitrary web script or HTML via the limit parameter in a search action. ...
6 years ago

CVE-2014-0496 - Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. ...
6 years ago

CVE-2018-0496 - Directory traversal issues in the D-Mod extractor in DFArc and DFArc2 (as well as in RTsoft's Dink Smallwood HD / ProtonSDK version) before 3.14 allow an attacker to overwrite arbitrary files on the user's system. ...
5 years ago

CVE-2003-0496 - Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file. ...
5 years ago

CVE-2017-0496 - A denial of service vulnerability in Setup Wizard could allow a local malicious application to temporarily block access to an affected device. This issue is rated as Moderate because it may require a factory reset to repair the device. Product: ...
5 years ago

CVE-2009-0496 - Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) log parameter to (a) logviewer.jsp and (b) log.jsp; (2) search parameter to (c) ...
6 years ago

CVE-2012-0496 - Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect confidentiality and integrity via unknown vectors. ...
5 years ago

CVE-2021-0496 - In memory management driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: ...
3 years ago

CVE-2022-0496 - A vulnerbiility was found in Openscad, where a DXF-format drawing with particular (not necessarily malformed!) properties may cause an out-of-bounds memory access when imported using import(). ...
2 years ago

CVE-2023-0496 - The HT Event WordPress plugin before 1.4.6 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack ...
1 year ago

CVE-2024-0496 - A vulnerability was found in Kashipara Billing Software 1.0 and classified as critical. This issue affects some unknown processing of the file item_list_edit.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to ...
1 year ago Tenable.com

CVE-2020-1246 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
3 years ago

CVE-2020-1266 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
3 years ago

Latest Cyber News

CVE-2025-1207 - 58 minutes ago
CVE-2025-0556 - 58 minutes ago
CVE-2025-1206 - 1 hour ago
CVE-2025-1212 - 1 hour ago
CVE-2025-1244 - 1 hour ago
CVE-2025-1202 - 1 hour ago
CVE-2025-1042 - 1 hour ago
CVE-2024-54160 - 1 hour ago
CVE-2025-0376 - 1 hour ago
CVE-2024-12251 - 1 hour ago
CVE-2024-12379 - 1 hour ago
CVE-2025-26378 - 2 hours ago
CVE-2025-26371 - 2 hours ago
CVE-2025-26372 - 2 hours ago
CVE-2025-26373 - 2 hours ago
CVE-2025-26374 - 2 hours ago
CVE-2025-26375 - 2 hours ago
CVE-2025-26376 - 2 hours ago
CVE-2025-26377 - 2 hours ago
CVE-2025-26364 - 2 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2023-40721 - 23 hours ago
CVE-2024-12755 - 23 hours ago
CVE-2024-12756 - 23 hours ago
CVE-2024-27780 - 23 hours ago
CVE-2024-27781 - 23 hours ago
CVE-2024-33504 - 23 hours ago
CVE-2024-35279 - 23 hours ago
CVE-2024-36508 - 23 hours ago
CVE-2024-40584 - 23 hours ago
CVE-2024-40586 - 23 hours ago
CVE-2024-40591 - 23 hours ago
CVE-2024-50567 - 23 hours ago
CVE-2024-50569 - 23 hours ago
CVE-2024-52966 - 23 hours ago
CVE-2024-52968 - 23 hours ago
CVE-2025-1126 - 23 hours ago
CVE-2025-21121 - 23 hours ago
CVE-2025-21123 - 23 hours ago
CVE-2025-21124 - 23 hours ago
CVE-2025-21125 - 23 hours ago