How severe is CVE-2020-8929?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2020-8929?

This is classified as CWE-176, which is a common weakness in software security.

CVE-2020-8929

MEDIUM Year: 2020

CVSS v3 Score

5.3

Medium

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-176

View all →

Vulnerability Description

A mis-handling of invalid unicode characters in the Java implementation of Tink versions prior to 1.5 allows an attacker to change the ID part of a ciphertext, which result in the creation of a second ciphertext that can decrypt to the same plaintext. This can be a problem with encrypting deterministic AEAD with a single key, and rely on a unique ciphertext-per-plaintext.

CVE-2023-41889

MEDIUM

CVSS:5.3(Medium)

SHIRASAGI is a Content Management System. Prior to version 1.18.0, SHIRASAGI is vulnerable to a Post-Unicode normalization issue. This happens when a logical validation or a security check is performe...

CWE-1762023

CVE-2023-31169

MEDIUM

CVSS:5.7(Medium)

An Improper Handling of Unicode Encoding vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be exe...

CWE-1762023

CVE-2023-39213

CRITICAL

CVSS:9.8(Critical)

Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network acce...

CWE-1762023

CVE-2024-24691

CRITICAL

CVSS:9.8(Critical)

Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via ...

CWE-1762024