85 topics marked with the following tags:
Displaying 11-20 of 85
Disclosure Date: September 14, 2020 (last updated November 17, 2020)
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
Last updated February 11, 2022
Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10; 8.9.x versions prior to 8.9.6; 9.0.x versions prior to 9.0.6.
Disclosure Date: June 20, 2020 (last updated June 27, 2020)
compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.
CVE-2020-1425 - Windows Codecs Library RCE
Last updated July 03, 2020
A remote code execution in Windows Codecs Library has been fixed by Microsoft with out-of-band patch on 30th June 2020. The vulnerability allows attacker to remotely execute arbitrary code, if the victim opens maliciously crafted media file.
Disclosure Date: February 26, 2019 (last updated July 09, 2020)
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.
Last updated January 20, 2023
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Disclosure Date: September 04, 2020 (last updated September 10, 2020)
Upon installation, Cisco Jabber registers protocol handlers for a number of different protocols. These are used to tell the operating system that whenever a user clicks on a URL containing one of the custom protocols (e.g. ciscoim:email@example.com) the URL should be passed to Cisco Jabber. In this case, the protocol handlers specify that the URL should be passed as a command line flag. These protocol handlers are vulnerable to command injection because they fail to consider URLs that contain spaces. By including a space in the URL, an attacker can inject arbitrary command line flags that will be passed to the application. Since the application uses CEF and accepts Chromium command line flags, several flags that can be used to execute arbitrary commands or load arbitrary DLLs exist. An example of such a flag is --GPU-launcher. This flag specifies a command that will be executed when CEFs GPU process is started. This vulnerability can be combined with the XSS vulnerability to achi…
Disclosure Date: March 12, 2020 (last updated July 24, 2020)
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0898.
CVE-2020-27955 — Git Large File Storage / Git LFS (git-lfs) - Remote Code Execu…
Disclosure Date: November 05, 2020 (last updated November 11, 2020)
Git LFS 2.12.0 allows Remote Code Execution.
Disclosure Date: August 14, 2019 (last updated July 24, 2020)
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.