Total
2561 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-26181 | 1 Dell | 2 Emc Isilon Onefs, Emc Powerscale Onefs | 2024-11-21 | 7.2 HIGH | 7.0 HIGH |
|
Dell EMC Isilon OneFS versions 8.1 and later and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability on a SmartLock Compliance mode cluster. The compadmin user connecting using ISI PRIV LOGIN SSH or ISI PRIV LOGIN CONSOLE can elevate privileges to the root user if they have ISI PRIV HARDENING privileges.
|
|||||
| CVE-2020-26080 | 1 Cisco | 1 Iot Field Network Director | 2024-11-21 | 4.0 MEDIUM | 4.1 MEDIUM |
|
A vulnerability in the user management functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to manage user information for users in different domains on an affected system. The vulnerability is due to improper domain access control. An attacker could exploit this vulnerability by manipulating JSON payloads to target different domains on an affected system. A successful exploit could allow the attacker to manage user information for users in differ ...
Show More |
|||||
| CVE-2020-26077 | 1 Cisco | 1 Iot Field Network Director | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A vulnerability in the access control functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to view lists of users from different domains that are configured on an affected system. The vulnerability is due to improper access control. An attacker could exploit this vulnerability by sending an API request that alters the domain for a requested user list on an affected system. A successful exploit could allow the attacker to view lists of users from d ...
Show More |
|||||
| CVE-2020-26072 | 1 Cisco | 1 Iot Field Network Director | 2024-11-21 | 5.5 MEDIUM | 8.7 HIGH |
|
A vulnerability in the SOAP API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to access and modify information on devices that belong to a different domain. The vulnerability is due to insufficient authorization in the SOAP API. An attacker could exploit this vulnerability by sending SOAP API requests to affected devices for devices that are outside their authorized domain. A successful exploit could allow the attacker to access and modify information on ...
Show More |
|||||
| CVE-2020-25595 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
|
An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't be able to affect these registers, experience shows that it's very common for devices to have out-of-spec "backdoor" operations that can affect the result of these reads. A not fully trusted guest may be ...
Show More |
|||||
| CVE-2020-25194 | 1 Moxa | 2 Nport Iaw5000a-i\/o, Nport Iaw5000a-i\/o Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has improper privilege management, which may allow an attacker with user privileges to perform requests with administrative privileges.
|
|||||
| CVE-2020-25106 | 1 Supremocontrol | 1 Supremo | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Nanosystems SupRemo 4.1.3.2348 allows attackers to obtain LocalSystem access because File Manager can be used to rename Supremo.exe and then upload a Trojan horse with the Supremo.exe filename.
|
|||||
| CVE-2020-24848 | 1 Fruitywifi Project | 1 Fruitywifi | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system.
|
|||||
| CVE-2020-24678 | 1 Abb | 2 Symphony \+ Historian, Symphony \+ Operations | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
An authenticated user might execute malicious code under the user context and take control of the system. S+ Operations or S+ Historian database is affected by multiple vulnerabilities such as the possibility to allow remote authenticated users to gain high privileges.
|
|||||
| CVE-2020-24576 | 1 Netskope | 1 Netskope | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
Netskope Client through 77 allows low-privileged users to elevate their privileges to NT AUTHORITY\SYSTEM.
|
|||||
| CVE-2020-24331 | 2 Fedoraproject, Trousers Project | 2 Fedora, Trousers | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon).
|
|||||
| CVE-2020-24330 | 2 Fedoraproject, Trousers Project | 2 Fedora, Trousers | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed.
|
|||||
| CVE-2020-24307 | 1 Mremoteng | 1 Mremoteng | 2024-11-21 | N/A | 7.8 HIGH |
|
An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTIN\Users:(M) is present.
|
|||||
| CVE-2020-24046 | 1 Titanhq | 1 Spamtitan | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
|
A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. This restricted shell can be bypassed after changing the properties of the user admin in the operating system file /etc/passwd. This file cannot be accessed though the restricted shell, but it can be modified by abusing the Backup/Import Backup functionality of the web interface. An authenticated attacker w ...
Show More |
|||||
| CVE-2020-23128 | 1 Chamilo | 1 Chamilo Lms | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
|
Chamilo LMS 1.11.10 does not properly manage privileges which could allow a user with Sessions administrator privilege to create a new user then use the edit user function to change this new user to administrator privilege.
|
|||||
| CVE-2020-21046 | 1 Softonic | 1 Eagleget | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A local privilege escalation vulnerability was identified within the "luminati_net_updater_win_eagleget_com" service in EagleGet Downloader version 2.1.5.20 Stable. This issue allows authenticated non-administrative user to escalate their privilege and conduct code execution as a SYSTEM privilege.
|
|||||
| CVE-2020-1991 | 2 Microsoft, Paloaltonetworks | 2 Windows, Traps | 2024-11-21 | 3.6 LOW | 7.8 HIGH |
|
An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS.
|
|||||
| CVE-2020-1989 | 1 Paloaltonetworks | 1 Globalprotect | 2024-11-21 | 7.2 HIGH | 7.0 HIGH |
|
An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. This issue affects Palo Alto Networks Global Protect Agent for Linux 5.0 versions before 5.0.8; 5.1 versions before 5.1.1.
|
|||||
| CVE-2020-1708 | 1 Redhat | 1 Openshift Container Platform | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
It has been found in openshift-enterprise version 3.11 and all openshift-enterprise versions from 4.1 to, including 4.3, that multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/mysql-apb.
|
|||||
| CVE-2020-1431 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'.
|
|||||
| CVE-2020-1416 | 1 Microsoft | 5 Azure Storage Explorer, Typescript, Visual Studio 2017 and 2 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'.
|
|||||
| CVE-2020-1412 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.
|
|||||
| CVE-2020-1014 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'.
|
|||||
| CVE-2020-18171 | 2 Microsoft, Techsmith | 2 Windows, Snagit | 2024-11-21 | 7.2 HIGH | 8.8 HIGH |
|
TechSmith Snagit 19.1.0.2653 uses Object Linking and Embedding (OLE) which can allow attackers to obfuscate and embed crafted files used to escalate privileges. NOTE: This implies that Snagit's use of OLE is a security vulnerability unto itself and it is not. See reference document for more details
|
|||||
| CVE-2020-18169 | 2 Microsoft, Techsmith | 2 Windows, Snagit | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
|
A vulnerability in the Windows installer XML (WiX) toolset of TechSmith Snagit 19.1.1.2860 allows attackers to escalate privileges. NOTE: Exploit of the Snagit installer would require the end user to ignore other safety mechanisms provided by the Host OS. See reference document for more details
|
|||||
| CVE-2020-16993 | 1 Microsoft | 1 Azure Sphere | 2024-11-21 | 4.6 MEDIUM | 5.4 MEDIUM |
|
Azure Sphere Elevation of Privilege Vulnerability
|
|||||
| CVE-2020-16262 | 1 Winstonprivacy | 2 Winston, Winston Firmware | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root privilege escalation.
|
|||||
| CVE-2020-16238 | 1 Bbraun | 2 Datamodule Compactplus, Spacecom | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A vulnerability in the configuration import mechanism of the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with command line access to the underlying Linux system to escalate privileges to the root user.
|
|||||
| CVE-2020-16126 | 1 Freedesktop | 1 Accountsservice | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, improperly dropped the ruid, allowing untrusted users to send signals to AccountService, thus stopping it from handling D-Bus messages in a timely fashion.
|
|||||
| CVE-2020-16122 | 2 Canonical, Packagekit Project | 2 Ubuntu Linux, Packagekit | 2024-11-21 | 2.1 LOW | 8.2 HIGH |
|
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is based on repository trust and not on the contents of individual files. On sites with configured PolicyKit rules this may allow users to install malicious packages.
|
|||||
| CVE-2020-15862 | 3 Canonical, Net-snmp, Netapp | 6 Ubuntu Linux, Net-snmp, Cloud Backup and 3 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.
|
|||||
| CVE-2020-15826 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.
|
|||||
| CVE-2020-15824 | 2 Jetbrains, Oracle | 3 Kotlin, Banking Extensibility Workbench, Communications Cloud Native Core Policy | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.
|
|||||
| CVE-2020-15797 | 1 Siemens | 2 Dca Vantage Analyzer, Dca Vantage Analyzer Firmware | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
|
A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797). Improper Access Control could allow an unauthenticated attacker to escape from the restricted environment (“kiosk mode”) and access the underlying operating system. Successful exploitation requires direct physical access to the system.
|
|||||
| CVE-2020-15390 | 1 Pega | 1 Pega Platform | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
pyActivity in Pega Platform 8.4.0.237 has a security misconfiguration that leads to an improper access control vulnerability via =GetWebInfo.
|
|||||
| CVE-2020-15248 | 1 Octobercms | 1 October | 2024-11-21 | 4.6 MEDIUM | 4.0 MEDIUM |
|
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.470, backend users with the default "Publisher" system role have access to create & manage users where they can choose which role the new user has. This means that a user with "Publisher" access has the ability to escalate their access to "Developer" access. Issue has been patched in Build 470 (v1.0.470) & v1.1.1.
|
|||||
| CVE-2020-15149 | 1 Nodebb | 1 Nodebb | 2024-11-21 | 6.5 MEDIUM | 9.9 CRITICAL |
|
NodeBB before version 1.14.3 has a bug introduced in version 1.12.2 in the validation logic that makes it possible to change the password of any user on a running NodeBB forum by sending a specially crafted socket.io call to the server. This could lead to a privilege escalation event due via an account takeover. As a workaround you may cherry-pick the following commit from the project's repository to your running instance of NodeBB: 16cee1b03ba3eee177834a1fdac4aa8a12b39d2a. This is fixed in vers ...
Show More |
|||||
| CVE-2020-14976 | 1 Gns3 | 2 Gns3, Ubridge | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker to read arbitrary files because it handles configuration-file errors by printing the configuration file while executing in a setuid root context.
|
|||||
| CVE-2020-14493 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands.
|
|||||
| CVE-2020-14318 | 2 Redhat, Samba | 3 Enterprise Linux, Storage, Samba | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
|
|||||