Количество 18 763
Количество 18 763
CVE-2020-14342
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission such as via sudo rules could use this flaw to escalate their privileges.
CVE-2020-1433
Microsoft Edge PDF Information Disclosure Vulnerability
CVE-2020-14331
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console calling an ioctl VT_RESIZE which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-1432
Skype for Business via Internet Explorer Information Disclosure Vulnerability
CVE-2020-14323
CVE-2020-1431
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
CVE-2020-14318
CVE-2020-14314
A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability.
CVE-2020-14311
CVE-2020-14310
CVE-2020-1430
Windows UPnP Device Host Elevation of Privilege Vulnerability
CVE-2020-14309
There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.
CVE-2020-14308
In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity confidentiality and availability impacts during the boot process.
CVE-2020-1429
Windows Error Reporting Manager Elevation of Privilege Vulnerability
CVE-2020-1428
Windows Network Connections Service Elevation of Privilege Vulnerability
CVE-2020-1427
Windows Network Connections Service Elevation of Privilege Vulnerability
CVE-2020-1426
Windows Kernel Information Disclosure Vulnerability
CVE-2020-1425
Microsoft Windows Codecs Library Remote Code Execution Vulnerability
CVE-2020-1424
Windows Update Stack Elevation of Privilege Vulnerability
CVE-2020-1423
Windows Subsystem for Linux Elevation of Privilege Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-14342 It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission such as via sudo rules could use this flaw to escalate their privileges. | CVSS3: 7 | 0% Низкий | больше 5 лет назад |
| CVE-2020-1433 Microsoft Edge PDF Information Disclosure Vulnerability | CVSS3: 4.3 | 25% Средний | больше 5 лет назад |
| CVE-2020-14331 A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console calling an ioctl VT_RESIZE which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | CVSS3: 6.6 | 0% Низкий | больше 5 лет назад |
| CVE-2020-1432 Skype for Business via Internet Explorer Information Disclosure Vulnerability | CVSS3: 4.3 | 10% Низкий | больше 5 лет назад |
| CVSS3: 5.5 | 0% Низкий | больше 1 года назад | |
| CVE-2020-1431 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | CVSS3: 7.1 | 0% Низкий | больше 5 лет назад |
| CVSS3: 4.3 | 0% Низкий | больше 1 года назад | |
| CVE-2020-14314 A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability. | CVSS3: 5.5 | 0% Низкий | больше 5 лет назад |
| CVSS3: 6 | 0% Низкий | больше 5 лет назад | |
| CVSS3: 6 | 0% Низкий | 7 месяцев назад | |
| CVE-2020-1430 Windows UPnP Device Host Elevation of Privilege Vulnerability | CVSS3: 7.8 | 1% Низкий | больше 5 лет назад |
| CVE-2020-14309 There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. | CVSS3: 6.7 | 0% Низкий | больше 5 лет назад |
| CVE-2020-14308 In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity confidentiality and availability impacts during the boot process. | CVSS3: 6.4 | 0% Низкий | больше 5 лет назад |
| CVE-2020-1429 Windows Error Reporting Manager Elevation of Privilege Vulnerability | CVSS3: 7 | 0% Низкий | больше 5 лет назад |
| CVE-2020-1428 Windows Network Connections Service Elevation of Privilege Vulnerability | CVSS3: 7 | 0% Низкий | больше 5 лет назад |
| CVE-2020-1427 Windows Network Connections Service Elevation of Privilege Vulnerability | CVSS3: 7 | 0% Низкий | больше 5 лет назад |
| CVE-2020-1426 Windows Kernel Information Disclosure Vulnerability | CVSS3: 5.5 | 0% Низкий | больше 5 лет назад |
| CVE-2020-1425 Microsoft Windows Codecs Library Remote Code Execution Vulnerability | 23% Средний | больше 5 лет назад | |
| CVE-2020-1424 Windows Update Stack Elevation of Privilege Vulnerability | CVSS3: 7.8 | 0% Низкий | больше 5 лет назад |
| CVE-2020-1423 Windows Subsystem for Linux Elevation of Privilege Vulnerability | CVSS3: 7.8 | 0% Низкий | больше 5 лет назад |
Уязвимостей на страницу