Show filters
55 topics marked with the following tags:
Displaying 1-10 of 55
Sort by:
Attacker Value
Very Low

CVE-2020-1425 - Windows Codecs Library RCE

Last updated July 03, 2020
A remote code execution in Windows Codecs Library has been fixed by Microsoft with out-of-band patch on 30th June 2020. The vulnerability allows attacker to remotely execute arbitrary code, if the victim opens maliciously crafted media file.
4
Attacker Value
Low

CVE-2020-7208

Disclosure Date: February 13, 2020 (last updated July 24, 2020)
LinuxKI v6.0-1 and earlier is vulnerable to an XSS which is resolved in release 6.0-2.
Attacker Value
Very High

CVE-2019-5596

Disclosure Date: February 12, 2019 (last updated July 24, 2020)
In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain root privileges or escape from a jail.
Attacker Value
Moderate

CVE-2020-1301 Windows SMB Remote Code Execution Vulnerability

Disclosure Date: June 09, 2020 (last updated July 24, 2020)
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'.
Attacker Value
Very High

FortiGate SSL VPN "Breaching the Fort"

Last updated September 25, 2020
Security researchers at SAM Seamless Network [published a blog post](https://securingsam.com/breaching-the-fort/) on September 24, 2020 stating that 200,000 businesses were exposed to Man-in-the-Middle (MITM) attacks against FortiGate SSL VPNs due to the VPN client's failure to properly verify the server's certificate out of the box. Instead, FortiGate customers must take the extra step of configuring their SSL VPNs with a certificate signed by a trusted CA.
2
Attacker Value
Low

CVE-2020-14942

Disclosure Date: June 21, 2020 (last updated June 27, 2020)
Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py.
Attacker Value
Very Low

CVE-2019-11771

Disclosure Date: July 17, 2019 (last updated July 24, 2020)
AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
Attacker Value
High

CVE-2007-2617

Disclosure Date: May 11, 2007 (last updated July 30, 2020)
srsexec in Sun Remote Services (SRS) Net Connect Software Proxy Core package in Sun Solaris 10 does not enforce file permissions when opening files, which allows local users to read the first line of arbitrary files via the -d and -v options.
0
Attacker Value
Moderate

CVE-2020-9484 — PersistentManager Java deserialization vulnerability

Disclosure Date: May 20, 2020 (last updated July 24, 2020)
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter="null" (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed.
Attacker Value
High

Liferay CE 6.0.2 Java Deserialization

Last updated March 02, 2020
Liferay CE 6.0.2 remote code execution via unsafe deserialization
0