CWE-CWE-706 CVE - CVE Search - CVE Details

Filtered by CWE-706

Total 46 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-8395	1 Zohocorp	1 Manageengine Servicedesk Plus	2020-08-24	7.5 HIGH	9.8 CRITICAL
An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10007 via an attachment to a request.
CVE-2019-0816	2 Canonical, Microsoft	2 Ubuntu Linux, Azure	2020-08-24	1.9 LOW	5.1 MEDIUM
A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'.
CVE-2019-0571	1 Microsoft	3 Windows 10, Windows Server 2016, Windows Server 2019	2020-08-24	6.8 MEDIUM	7.8 HIGH
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. This CVE ID is unique from CVE-2019-0572, CVE-2019-0573, CVE-2019-0574.
CVE-2019-1351	2 Microsoft, Opensuse	3 Visual Studio 2017, Visual Studio 2019, Leap	2020-08-24	5.0 MEDIUM	7.5 HIGH
A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.
CVE-2020-10574	1 Meetecho	1 Janus	2020-03-18	7.5 HIGH	9.8 CRITICAL
An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "query_logger" Admin API request, because of a typo in the JSON validation.
CVE-2018-6112	3 Debian, Google, Redhat	5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more	2019-10-02	4.3 MEDIUM	4.3 MEDIUM
Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

Vulnerabilities (CVE)