Show filters
26 Total Results
Displaying 1-10 of 26
Sort by:
Attacker Value
Very High

CVE-2020-1472 aka Zerologon

Disclosure Date: August 17, 2020 (last updated November 18, 2020)
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
Attacker Value
High

CVE-2020-3992 — ESXi OpenSLP remote code execution vulnerability

Disclosure Date: October 20, 2020 (last updated November 17, 2020)
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution. **NOTE**: VMware issued a patch for the patch on 2020-11-04. The advisory URL — https://www.vmware.com/security/advisories/VMSA-2020-0023.html — did not change.
Attacker Value
High

CVE-2020-16898 aka Bad Neighbor / Ping of Death Redux

Disclosure Date: October 16, 2020 (last updated October 28, 2020)
A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Remote Code Execution Vulnerability'.
Attacker Value
Very High

CVE-2022-1388

Disclosure Date: May 04, 2022 (last updated May 10, 2022)
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
13
Attacker Value
Very High

CVE-2021-41773

Disclosure Date: October 05, 2021 (last updated October 15, 2021)
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
Attacker Value
Very High

CVE-2020-0601, aka NSACrypt

Disclosure Date: January 14, 2020 (last updated July 24, 2020)
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
Attacker Value
Very High

CVE-2020-6287: Critical Vulnerability in SAP NetWeaver Application Server (AS) …

Disclosure Date: July 14, 2020 (last updated December 21, 2020)
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.
Attacker Value
High

Authentication bypass vulnerability in Cisco’s IOS XE REST API

Disclosure Date: August 28, 2019 (last updated February 13, 2020)
This is an authentication bypass vulnerability in Cisco's IOS XE series OS. While it can target a large swath of Cisco's switches and routers, it requires the Cisco REST API Container for IOS to be turned on, as it is not on by default.
2
Attacker Value
Low

CVE-2020-11984 — Multiple Vulnerabilities in Apache Web Server Could Allow for …

Disclosure Date: August 07, 2020 (last updated September 03, 2020)
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
Attacker Value
Very High

CVE-2022-0543

Disclosure Date: February 18, 2022 (last updated April 27, 2022)
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
3