Total
2083 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-15797 | 1 Siemens | 2 Dca Vantage Analyzer, Dca Vantage Analyzer Firmware | 2024-11-21 | 6.8 Medium |
| A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797). Improper Access Control could allow an unauthenticated attacker to escape from the restricted environment (“kiosk mode”) and access the underlying operating system. Successful exploitation requires direct physical access to the system. | ||||
| CVE-2020-15390 | 1 Pega | 1 Pega Platform | 2024-11-21 | 9.8 Critical |
| pyActivity in Pega Platform 8.4.0.237 has a security misconfiguration that leads to an improper access control vulnerability via =GetWebInfo. | ||||
| CVE-2020-15257 | 4 Debian, Fedoraproject, Linuxfoundation and 1 more | 4 Debian Linux, Fedora, Containerd and 1 more | 2024-11-21 | 5.2 Medium |
| containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified that the connecting process had an effective UID of 0, but did not otherwise restrict access to the abstract Unix domain socket. This would allow malicious containers running in the same network namespace as the shim, with an effective UID of 0 but otherwise reduced privileges, to cause new processes to be run with elevated privileges. This vulnerability has been fixed in containerd 1.3.9 and 1.4.3. Users should update to these versions as soon as they are released. It should be noted that containers started with an old version of containerd-shim should be stopped and restarted, as running containers will continue to be vulnerable even after an upgrade. If you are not providing the ability for untrusted users to start containers in the same network namespace as the shim (typically the "host" network namespace, for example with docker run --net=host or hostNetwork: true in a Kubernetes pod) and run with an effective UID of 0, you are not vulnerable to this issue. If you are running containers with a vulnerable configuration, you can deny access to all abstract sockets with AppArmor by adding a line similar to deny unix addr=@**, to your policy. It is best practice to run containers with a reduced set of privileges, with a non-zero UID, and with isolated namespaces. The containerd maintainers strongly advise against sharing namespaces with the host. Reducing the set of isolation mechanisms used for a container necessarily increases that container's privilege, regardless of what container runtime is used for running that container. | ||||
| CVE-2020-15248 | 1 Octobercms | 1 October | 2024-11-21 | 4 Medium |
| October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.470, backend users with the default "Publisher" system role have access to create & manage users where they can choose which role the new user has. This means that a user with "Publisher" access has the ability to escalate their access to "Developer" access. Issue has been patched in Build 470 (v1.0.470) & v1.1.1. | ||||
| CVE-2020-15149 | 1 Nodebb | 1 Nodebb | 2024-11-21 | 9.9 Critical |
| NodeBB before version 1.14.3 has a bug introduced in version 1.12.2 in the validation logic that makes it possible to change the password of any user on a running NodeBB forum by sending a specially crafted socket.io call to the server. This could lead to a privilege escalation event due via an account takeover. As a workaround you may cherry-pick the following commit from the project's repository to your running instance of NodeBB: 16cee1b03ba3eee177834a1fdac4aa8a12b39d2a. This is fixed in version 1.14.3. | ||||
| CVE-2020-14976 | 1 Gns3 | 2 Gns3, Ubridge | 2024-11-21 | 5.5 Medium |
| GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker to read arbitrary files because it handles configuration-file errors by printing the configuration file while executing in a setuid root context. | ||||
| CVE-2020-14493 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2024-11-21 | 8.8 High |
| A low-privilege user may use SQL syntax to write arbitrary files to the OpenClinic GA 5.09.02 and 5.89.05b server, which may allow the execution of arbitrary commands. | ||||
| CVE-2020-14318 | 2 Redhat, Samba | 3 Enterprise Linux, Storage, Samba | 2024-11-21 | 4.3 Medium |
| A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. | ||||
| CVE-2020-14215 | 1 Zulip | 1 Zulip Server | 2024-11-21 | 7.5 High |
| Zulip Server before 2.1.5 has Incorrect Access Control because 0198_preregistrationuser_invited_as adds the administrator role to invitations. | ||||
| CVE-2020-14194 | 1 Zulip | 1 Zulip Server | 2024-11-21 | 5.4 Medium |
| Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link. | ||||
| CVE-2020-14162 | 1 Pi-hole | 1 Pi-hole | 2024-11-21 | 7.8 High |
| An issue was discovered in Pi-Hole through 5.0. The local www-data user has sudo privileges to execute the pihole core script as root without a password, which could allow an attacker to obtain root access via shell metacharacters to this script's setdns command. | ||||
| CVE-2020-14032 | 1 Asrock | 1 Box-r1000 Firmware | 2024-11-21 | 9.8 Critical |
| ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM. | ||||
| CVE-2020-13854 | 1 Pandorafms | 1 Pandora Fms | 2024-11-21 | 9.8 Critical |
| Artica Pandora FMS 7.44 allows privilege escalation. | ||||
| CVE-2020-13776 | 4 Fedoraproject, Netapp, Redhat and 1 more | 6 Fedora, Active Iq Unified Manager, Solidfire \& Hci Management Node and 3 more | 2024-11-21 | 6.7 Medium |
| systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082. | ||||
| CVE-2020-13695 | 1 Quickbox | 1 Quickbox | 2024-11-21 | 7.2 High |
| In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user has sudo privileges to execute grep as root without a password, which allows an attacker to obtain sensitive information via a grep of a /root/*.db or /etc/shadow file. | ||||
| CVE-2020-13638 | 1 Rconfig | 1 Rconfig | 2024-11-21 | 9.8 Critical |
| lib/crud/userprocess.php in rConfig 3.9.x before 3.9.7 has an authentication bypass, leading to administrator account creation. This issue has been fixed in 3.9.7. | ||||
| CVE-2020-13522 | 1 Softperfect | 1 Ram Disk | 2024-11-21 | 7.1 High |
| An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability. | ||||
| CVE-2020-13519 | 1 Nzxt | 1 Cam | 2024-11-21 | 8.8 High |
| A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c402088 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause increased privileges. An attacker can send a malicious IRP to trigger this vulnerability. | ||||
| CVE-2020-13518 | 1 Nzxt | 1 Cam | 2024-11-21 | 6.5 Medium |
| An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c402084 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability. | ||||
| CVE-2020-13517 | 1 Nzxt | 1 Cam | 2024-11-21 | 5.5 Medium |
| An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c406104 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability. | ||||