Количество 18 769
Количество 18 769
CVE-2020-1072
Windows Kernel Information Disclosure Vulnerability
CVE-2020-10724
A vulnerability was found in DPDK versions 18.11 and above
CVE-2020-10723
A memory corruption issue was found in DPDK versions 17.05 and above
CVE-2020-10722
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.
CVE-2020-1071
Windows Remote Access Common Dialog Elevation of Privilege Vulnerability
CVE-2020-10713
A flaw was found in grub2 prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel an attacker would first need to establish access to the system such as gaining physical access obtain the ability to alter a pxe-boot network or have remote access to a networked system with root access. With this access an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2020-10711
CVE-2020-1070
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2020-10702
A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every PAuth-enforced pointer to be signed with the same signature. A local attacker could obtain the signature of a protected pointer and abuse this flaw to bypass PAuth protection for all programs running on QEMU.
CVE-2020-10701
A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set this flaw can make guest agent commands fail because the agent cannot respond in time. Unprivileged users with a read-only connection could abuse this flaw to set the response timeout for all guest agent messages to zero potentially leading to a denial of service. This flaw affects libvirt versions before 6.2.0.
CVE-2020-1069
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2020-10690
CVE-2020-1068
Microsoft Windows Elevation of Privilege Vulnerability
CVE-2020-1067
Windows Remote Code Execution Vulnerability
CVE-2020-1066
.NET Framework Elevation of Privilege Vulnerability
CVE-2020-1065
Scripting Engine Memory Corruption Vulnerability
CVE-2020-1064
MSHTML Engine Remote Code Execution Vulnerability
CVE-2020-1063
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
CVE-2020-1062
Internet Explorer Memory Corruption Vulnerability
CVE-2020-1061
Microsoft Script Runtime Remote Code Execution Vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-1072 Windows Kernel Information Disclosure Vulnerability | CVSS3: 5.5 | 1% Низкий | больше 5 лет назад |
| CVE-2020-10724 A vulnerability was found in DPDK versions 18.11 and above | CVSS3: 5.1 | 0% Низкий | 5 месяцев назад |
| CVE-2020-10723 A memory corruption issue was found in DPDK versions 17.05 and above | CVSS3: 5.1 | 0% Низкий | 5 месяцев назад |
| CVE-2020-10722 A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption. | CVSS3: 5.1 | 0% Низкий | 5 месяцев назад |
| CVE-2020-1071 Windows Remote Access Common Dialog Elevation of Privilege Vulnerability | CVSS3: 6.8 | 0% Низкий | больше 5 лет назад |
| CVE-2020-10713 A flaw was found in grub2 prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel an attacker would first need to establish access to the system such as gaining physical access obtain the ability to alter a pxe-boot network or have remote access to a networked system with root access. With this access an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | CVSS3: 8.2 | 0% Низкий | больше 5 лет назад |
| CVSS3: 5.9 | 5% Низкий | больше 5 лет назад | |
| CVE-2020-1070 Windows Print Spooler Elevation of Privilege Vulnerability | CVSS3: 7.8 | 0% Низкий | больше 5 лет назад |
| CVE-2020-10702 A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generation process caused every PAuth-enforced pointer to be signed with the same signature. A local attacker could obtain the signature of a protected pointer and abuse this flaw to bypass PAuth protection for all programs running on QEMU. | CVSS3: 5.5 | 0% Низкий | больше 5 лет назад |
| CVE-2020-10701 A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set this flaw can make guest agent commands fail because the agent cannot respond in time. Unprivileged users with a read-only connection could abuse this flaw to set the response timeout for all guest agent messages to zero potentially leading to a denial of service. This flaw affects libvirt versions before 6.2.0. | CVSS3: 6.5 | 0% Низкий | больше 4 лет назад |
| CVE-2020-1069 Microsoft SharePoint Server Remote Code Execution Vulnerability | 35% Средний | больше 5 лет назад | |
| CVSS3: 6.4 | 0% Низкий | больше 5 лет назад | |
| CVE-2020-1068 Microsoft Windows Elevation of Privilege Vulnerability | CVSS3: 7.8 | 0% Низкий | больше 5 лет назад |
| CVE-2020-1067 Windows Remote Code Execution Vulnerability | CVSS3: 7.8 | 38% Средний | больше 5 лет назад |
| CVE-2020-1066 .NET Framework Elevation of Privilege Vulnerability | 30% Средний | больше 5 лет назад | |
| CVE-2020-1065 Scripting Engine Memory Corruption Vulnerability | CVSS3: 4.2 | 5% Низкий | больше 5 лет назад |
| CVE-2020-1064 MSHTML Engine Remote Code Execution Vulnerability | CVSS3: 6.4 | 9% Низкий | больше 5 лет назад |
| CVE-2020-1063 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | 1% Низкий | больше 5 лет назад | |
| CVE-2020-1062 Internet Explorer Memory Corruption Vulnerability | CVSS3: 6.4 | 28% Средний | больше 5 лет назад |
| CVE-2020-1061 Microsoft Script Runtime Remote Code Execution Vulnerability | CVSS3: 7.5 | 23% Средний | больше 5 лет назад |
Уязвимостей на страницу