Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-17013 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-11-18 | 2.1 LOW | 5.5 MEDIUM |
| Win32k Information Disclosure Vulnerability | |||||
| CVE-2020-17000 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-11-18 | 2.1 LOW | 5.5 MEDIUM |
| Remote Desktop Protocol Client Information Disclosure Vulnerability | |||||
| CVE-2020-17082 | 1 Microsoft | 1 Raw Image Extension | 2020-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| Raw Image Extension Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17078, CVE-2020-17079, CVE-2020-17086. | |||||
| CVE-2020-17078 | 1 Microsoft | 1 Raw Image Extension | 2020-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| Raw Image Extension Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17079, CVE-2020-17082, CVE-2020-17086. | |||||
| CVE-2020-17086 | 1 Microsoft | 1 Raw Image Extension | 2020-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| Raw Image Extension Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17078, CVE-2020-17079, CVE-2020-17082. | |||||
| CVE-2020-17079 | 1 Microsoft | 1 Raw Image Extension | 2020-11-17 | 7.5 HIGH | 9.8 CRITICAL |
| Raw Image Extension Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17078, CVE-2020-17082, CVE-2020-17086. | |||||
| CVE-2020-17081 | 1 Microsoft | 1 Raw Image Extension | 2020-11-17 | 5.0 MEDIUM | 7.5 HIGH |
| Microsoft Raw Image Extension Information Disclosure Vulnerability | |||||
| CVE-2020-0418 | 1 Google | 1 Android | 2020-11-17 | 4.6 MEDIUM | 7.8 HIGH |
| In getPermissionInfosForGroup of Utils.java, there is a logic error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-153879813 | |||||
| CVE-2020-27977 | 1 Capasystems | 1 Capainstaller | 2020-11-17 | 4.6 MEDIUM | 7.8 HIGH |
| CapaSystems CapaInstaller before 6.0.101 does not properly assign, modify, or check privileges for an actor who attempts to edit registry values, allowing an attacker to escalate privileges. | |||||
| CVE-2020-6015 | 1 Checkpoint | 1 Endpoint Security | 2020-11-17 | 2.1 LOW | 5.5 MEDIUM |
| Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations. | |||||
| CVE-2020-16979 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2020-11-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| Microsoft SharePoint Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-17017. | |||||
| CVE-2009-2299 | 2 Apache, Hyperguard Web Application Firewall Project | 2 Http Server, Hyperguard Web Application Firewall | 2020-11-16 | 5.0 MEDIUM | N/A |
| The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via an HTTP request with a large Content-Length value but no POST data. | |||||
| CVE-2011-1176 | 3 Apache, Debian, Mpm-itk Project | 3 Http Server, Debian Linux, Mpm-itk | 2020-11-16 | 4.3 MEDIUM | N/A |
| The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process. | |||||
| CVE-2019-1010023 | 1 Gnu | 1 Glibc | 2020-11-16 | 6.8 MEDIUM | 8.8 HIGH |
| ** DISPUTED ** GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat." | |||||
| CVE-2005-2654 | 1 Phpldapadmin Project | 1 Phpldapadmin | 2020-11-16 | 7.5 HIGH | N/A |
| phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disable_anon_bind is set, via an HTTP request to login.php with the anonymous_bind parameter set. | |||||
| CVE-2020-5793 | 2 Microsoft, Tenable | 3 Windows, Nessus, Nessus Agent | 2020-11-16 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially constructed path in a specifically named user directory. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. The attacker needs valid credentials on the Windows system to exploit this vulnerability. | |||||
| CVE-2020-17062 | 1 Microsoft | 2 365 Apps, Office | 2020-11-16 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | |||||
| CVE-2020-17061 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2020-11-16 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Remote Code Execution Vulnerability | |||||
| CVE-2020-17069 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-11-16 | 2.1 LOW | 5.5 MEDIUM |
| Windows NDIS Information Disclosure Vulnerability | |||||
| CVE-2020-17064 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2020-11-16 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17019, CVE-2020-17065, CVE-2020-17066. | |||||