Логотип exploitDog
source:"msrc"
Консоль
Логотип exploitDog

exploitDog

source:"msrc"

Количество 18 763

Количество 18 763

msrc логотип

CVE-2020-14342

больше 5 лет назад

It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission such as via sudo rules could use this flaw to escalate their privileges.

CVSS3: 7
EPSS: Низкий
msrc логотип

CVE-2020-1433

больше 5 лет назад

Microsoft Edge PDF Information Disclosure Vulnerability

CVSS3: 4.3
EPSS: Средний
msrc логотип

CVE-2020-14331

больше 5 лет назад

A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console calling an ioctl VT_RESIZE which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVSS3: 6.6
EPSS: Низкий
msrc логотип

CVE-2020-1432

больше 5 лет назад

Skype for Business via Internet Explorer Information Disclosure Vulnerability

CVSS3: 4.3
EPSS: Низкий
msrc логотип

CVE-2020-14323

больше 1 года назад

CVSS3: 5.5
EPSS: Низкий
msrc логотип

CVE-2020-1431

больше 5 лет назад

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability

CVSS3: 7.1
EPSS: Низкий
msrc логотип

CVE-2020-14318

больше 1 года назад

CVSS3: 4.3
EPSS: Низкий
msrc логотип

CVE-2020-14314

больше 5 лет назад

A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability.

CVSS3: 5.5
EPSS: Низкий
msrc логотип

CVE-2020-14311

больше 5 лет назад

CVSS3: 6
EPSS: Низкий
msrc логотип

CVE-2020-14310

7 месяцев назад

CVSS3: 6
EPSS: Низкий
msrc логотип

CVE-2020-1430

больше 5 лет назад

Windows UPnP Device Host Elevation of Privilege Vulnerability

CVSS3: 7.8
EPSS: Низкий
msrc логотип

CVE-2020-14309

больше 5 лет назад

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.

CVSS3: 6.7
EPSS: Низкий
msrc логотип

CVE-2020-14308

больше 5 лет назад

In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity confidentiality and availability impacts during the boot process.

CVSS3: 6.4
EPSS: Низкий
msrc логотип

CVE-2020-1429

больше 5 лет назад

Windows Error Reporting Manager Elevation of Privilege Vulnerability

CVSS3: 7
EPSS: Низкий
msrc логотип

CVE-2020-1428

больше 5 лет назад

Windows Network Connections Service Elevation of Privilege Vulnerability

CVSS3: 7
EPSS: Низкий
msrc логотип

CVE-2020-1427

больше 5 лет назад

Windows Network Connections Service Elevation of Privilege Vulnerability

CVSS3: 7
EPSS: Низкий
msrc логотип

CVE-2020-1426

больше 5 лет назад

Windows Kernel Information Disclosure Vulnerability

CVSS3: 5.5
EPSS: Низкий
msrc логотип

CVE-2020-1425

больше 5 лет назад

Microsoft Windows Codecs Library Remote Code Execution Vulnerability

EPSS: Средний
msrc логотип

CVE-2020-1424

больше 5 лет назад

Windows Update Stack Elevation of Privilege Vulnerability

CVSS3: 7.8
EPSS: Низкий
msrc логотип

CVE-2020-1423

больше 5 лет назад

Windows Subsystem for Linux Elevation of Privilege Vulnerability

CVSS3: 7.8
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
msrc логотип
CVE-2020-14342

It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password which could be used to inject arbitrary commands. An attacker able to invoke mount.cifs with special permission such as via sudo rules could use this flaw to escalate their privileges.

CVSS3: 7
0%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-1433

Microsoft Edge PDF Information Disclosure Vulnerability

CVSS3: 4.3
25%
Средний
больше 5 лет назад
msrc логотип
CVE-2020-14331

A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console calling an ioctl VT_RESIZE which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVSS3: 6.6
0%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-1432

Skype for Business via Internet Explorer Information Disclosure Vulnerability

CVSS3: 4.3
10%
Низкий
больше 5 лет назад
msrc логотип
CVSS3: 5.5
0%
Низкий
больше 1 года назад
msrc логотип
CVE-2020-1431

Windows AppX Deployment Extensions Elevation of Privilege Vulnerability

CVSS3: 7.1
0%
Низкий
больше 5 лет назад
msrc логотип
CVSS3: 4.3
0%
Низкий
больше 1 года назад
msrc логотип
CVE-2020-14314

A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability.

CVSS3: 5.5
0%
Низкий
больше 5 лет назад
msrc логотип
CVSS3: 6
0%
Низкий
больше 5 лет назад
msrc логотип
CVSS3: 6
0%
Низкий
7 месяцев назад
msrc логотип
CVE-2020-1430

Windows UPnP Device Host Elevation of Privilege Vulnerability

CVSS3: 7.8
1%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-14309

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.

CVSS3: 6.7
0%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-14308

In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity confidentiality and availability impacts during the boot process.

CVSS3: 6.4
0%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-1429

Windows Error Reporting Manager Elevation of Privilege Vulnerability

CVSS3: 7
0%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-1428

Windows Network Connections Service Elevation of Privilege Vulnerability

CVSS3: 7
0%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-1427

Windows Network Connections Service Elevation of Privilege Vulnerability

CVSS3: 7
0%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-1426

Windows Kernel Information Disclosure Vulnerability

CVSS3: 5.5
0%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-1425

Microsoft Windows Codecs Library Remote Code Execution Vulnerability

23%
Средний
больше 5 лет назад
msrc логотип
CVE-2020-1424

Windows Update Stack Elevation of Privilege Vulnerability

CVSS3: 7.8
0%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-1423

Windows Subsystem for Linux Elevation of Privilege Vulnerability

CVSS3: 7.8
0%
Низкий
больше 5 лет назад

Уязвимостей на страницу