Topics

Sort by:
Attacker Value
Very High

CVE-2020-0665

Disclosure Date: February 11, 2020 (last updated March 10, 2020)
An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'.
Attack Vector: Network
0
Attacker Value
Moderate

Oracle Java JRE AES Intrinsics Remote Denial of Service

Disclosure Date: July 16, 2015 (last updated February 13, 2020)
Unspecified vulnerability in Oracle Java SE 8u45 and Java SE Embedded 8u33 allows remote attackers to affect availability via unknown vectors related to Security.
Utility Class: Other
0
Attacker Value
Very High

CVE-2020-0601, aka NSACrypt

Disclosure Date: January 14, 2020 (last updated March 10, 2020)
Crypt32.dll can be tricked to accept a fake certificate. This has wide-ranging cryptographic implications.
Attack Vector: Network Utility Class: Other
0
Attacker Value
Moderate

CVE-2019-0880 Microsoft splwow64 Elevation of Privilege Vulnerability

Disclosure Date: July 15, 2019 (last updated February 13, 2020)
This is a Privilege Escalation vulnerability in how all modern versions of Windows and appears to relate to a function in splwow64.exe. Very little has been released on the technical details of the vulnerability, but the affects are fairly large. All versions of Windows after Server 2008 R2 are affected, including ARM versions. I'm very curous as to what the details are, as I think of only x64 versions when I look at splwow64.exe.
Utility Class: Privilege Escalation
0
Attacker Value
Very High

CVE-2019-10149

Last updated May 28, 2020
Exim unauthenticated RCE with reports that it's been used by [Sandworm since August 2019](CVE-2019-10149)
0
Attacker Value
Low

CVE-2020-13386

Disclosure Date: May 27, 2020 (last updated May 28, 2020)
In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder. Additionally, when the product is installed, two scheduled tasks are created on the machine, SDMsgUpdate (Local) and SDMsgUpdate (TE). The scheduled tasks run in the context of the user who installed the product. Both scheduled tasks attempt to run the same binary, C:\SmartDraw 2020\Messages\SDNotify.exe. The folder Messages doesn't exist by default and (by extension) neither does SDNotify.exe. Due to the weak folder permissions, these can be created by any user. A malicious actor can therefore create a malicious SDNotify.exe binary, and have it automatically run, whenever the user who installed the product logs on to the machine. The malicious SDNotify.exe could, for example, create a new local administrator account on the machine.
0
Attacker Value
Very Low

ThunderSpy

Last updated May 12, 2020
A combination of vulnerabilities for the Thunderbolt protocol have been announced that allow a malicious actor to access most machines with a Thunderbolt port and bypass security restrictions on the device.
2
Attacker Value
Moderate

CVE-2020-1143: Win32k Use-After-Free

Last updated May 20, 2020
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Utility Class: Privilege Escalation
0
Attacker Value
Moderate

CVE-2020-13167

Disclosure Date: May 19, 2020 (last updated May 30, 2020)
Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php (with certain Referer headers) launches a command line with client-supplied parameters, and allows injection of shell metacharacters.
Attack Vector: Network
0
Attacker Value
Very High

CVE-2017-15889

Disclosure Date: December 04, 2017 (last updated May 30, 2020)
Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field.
Attack Vector: Network
0