Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4722 | 1 Ibm | 1 I2 Analysts Notebook | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187870.
|
|||||
| CVE-2020-4721 | 1 Ibm | 1 I2 Analysts Notebook | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187868.
|
|||||
| CVE-2020-4587 | 1 Ibm | 2 Connect\, Sterling Connect\ | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
IBM Sterling Connect:Direct for UNIX 4.2.0, 4.3.0, 6.0.0, and 6.1.0 is vulnerable to a stack based buffer ovreflow, caused by improper bounds checking. A local attacker could manipulate CD UNIX to obtain root provileges. IBM X-Force ID: 184578.
|
|||||
| CVE-2020-4554 | 1 Ibm | 1 I2 Analysts Notebook | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183322.
|
|||||
| CVE-2020-4553 | 1 Ibm | 1 I2 Analysts Notebook | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183321.
|
|||||
| CVE-2020-4552 | 1 Ibm | 1 I2 Analysts Notebook | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183320.
|
|||||
| CVE-2020-4551 | 1 Ibm | 1 I2 Analysts Notebook | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183319.
|
|||||
| CVE-2020-4550 | 1 Ibm | 1 I2 Analysts Notebook | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183318.
|
|||||
| CVE-2020-4549 | 1 Ibm | 1 I2 Analysts Notebook | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183317.
|
|||||
| CVE-2020-4468 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 181723.
|
|||||
| CVE-2020-4467 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 181721.
|
|||||
| CVE-2020-4435 | 1 Ibm | 10 Aspera Application Platform On Demand, Aspera Faspex On Demand, Aspera High-speed Transfer Endpoint and 7 more | 2024-11-21 | 6.0 MEDIUM | 7.5 HIGH |
|
Certain IBM Aspera applications are vulnerable to arbitrary memory corruption based on the product configuration, which could allow an attacker with intimate knowledge of the system to execute arbitrary code or perform a denial-of-service (DoS) through the http fallback service. IBM X-Force ID: 180901.
|
|||||
| CVE-2020-4433 | 1 Ibm | 10 Aspera Application Platform On Demand, Aspera Faspex On Demand, Aspera High-speed Transfer Endpoint and 7 more | 2024-11-21 | 9.3 HIGH | 7.5 HIGH |
|
Certain IBM Aspera applications are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker with intimate knowledge of the server to execute arbitrary code on the system with the privileges of root or cause server to crash. IBM X-Force ID: 180814.
|
|||||
| CVE-2020-4422 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 180167.
|
|||||
| CVE-2020-4415 | 1 Ibm | 1 Spectrum Protect | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum Protect server or cause the Spectrum Protect server to crash. IBM X-Force ID: 179990.
|
|||||
| CVE-2020-4343 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 178244.
|
|||||
| CVE-2020-4288 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 176270.
|
|||||
| CVE-2020-4287 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 176269.
|
|||||
| CVE-2020-4285 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 176266
|
|||||
| CVE-2020-4266 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175649.
|
|||||
| CVE-2020-4265 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 6.9 MEDIUM | 7.3 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175648.
|
|||||
| CVE-2020-4264 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175647.
|
|||||
| CVE-2020-4263 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175646.
|
|||||
| CVE-2020-4262 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175645.
|
|||||
| CVE-2020-4261 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175644.
|
|||||
| CVE-2020-4258 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175637.
|
|||||
| CVE-2020-4257 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175635.
|
|||||
| CVE-2020-3989 | 1 Vmware | 3 Horizon Client, Workstation Player, Workstation Pro | 2024-11-21 | 2.1 LOW | 3.3 LOW |
|
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to create a partial denial-of-service condition on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by ...
Show More |
|||||
| CVE-2020-3982 | 2 Apple, Vmware | 6 Mac Os X, Cloud Foundation, Esxi and 3 more | 2024-11-21 | 4.9 MEDIUM | 7.7 HIGH |
|
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this vulnerability to crash the virtual machine's vmx process or corrupt hypervisor's memory heap.
|
|||||
| CVE-2020-3971 | 1 Vmware | 4 Cloud Foundation, Esxi, Fusion and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter. A malicious actor with local access to a virtual machine with a vmxnet3 network adapter present may be able to read privileged information contained in physical memory.
|
|||||
| CVE-2020-3968 | 1 Vmware | 4 Cloud Foundation, Esxi, Fusion and 1 more | 2024-11-21 | 4.6 MEDIUM | 8.2 HIGH |
|
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to crash the virtual machine's vmx process leading to a denial of service condition or execute code on the hypervisor from a ...
Show More |
|||||
| CVE-2020-3967 | 1 Vmware | 4 Cloud Foundation, Esxi, Fusion and 1 more | 2024-11-21 | 4.4 MEDIUM | 7.5 HIGH |
|
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation ...
Show More |
|||||
| CVE-2020-3951 | 2 Microsoft, Vmware | 3 Windows, Horizon Client, Workstation | 2024-11-21 | 2.1 LOW | 3.8 LOW |
|
VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows (5.x and prior before 5.4.0) contain a denial-of-service vulnerability due to a heap-overflow issue in Cortado Thinprint. Attackers with non-administrative access to a guest VM with virtual printing enabled may exploit this issue to create a denial-of-service condition of the Thinprint service running on the system where Workstation or Horizon Client is installed.
|
|||||
| CVE-2020-3905 | 1 Apple | 1 Mac Os X | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2020-3904 | 1 Apple | 1 Mac Os X | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Multiple memory corruption issues were addressed with improved state management. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2020-3903 | 1 Apple | 1 Mac Os X | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.4. An application may be able to execute arbitrary code with system privileges.
|
|||||
| CVE-2020-3900 | 1 Apple | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2020-3898 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges.
|
|||||
| CVE-2020-3895 | 1 Apple | 7 Icloud, Ipad Os, Iphone Os and 4 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2020-3893 | 1 Apple | 1 Mac Os X | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges.
|
|||||