|
210161
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.
|
CWE-416
Use After Free
|
CVE-2020-12657
|
2024-11-21 14:00 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210162
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-12655
|
2024-11-21 14:00 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210163
|
5.5 |
MEDIUM
Local
|
linux
canonical
opensuse
|
linux_kernel
ubuntu_linux
leap
|
gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: Thi…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-12656
|
2024-11-21 14:00 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210164
|
7.8 |
HIGH
Local
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the publisher criteria is selected, it defines the name of a publisher that must be present in the certificate …
|
NVD-CWE-noinfo
|
CVE-2020-12614
|
2024-11-21 13:59 |
2023-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210165
|
7.8 |
HIGH
Local
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning…
|
NVD-CWE-noinfo
|
CVE-2020-12615
|
2024-11-21 13:59 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210166
|
7.8 |
HIGH
Local
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When specifying a program to elevate, it can typically be found within the Program Files (x86) folder and therefor…
|
NVD-CWE-noinfo
|
CVE-2020-12612
|
2024-11-21 13:59 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210167
|
8.8 |
HIGH
Network
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). Whe…
|
NVD-CWE-noinfo
|
CVE-2020-12613
|
2024-11-21 13:59 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210168
|
5.9 |
MEDIUM
Network
|
mozilla
|
firefox
firefox_esr
|
The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2020-12413
|
2024-11-21 13:59 |
2023-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210169
|
7.8 |
HIGH
Local
|
pilz
codesys
festo
wago
|
pmc
control_for_beaglebone
control_for_empc-a\/imx6
control_for_iot2000
control_for_pfc100
control_for_pfc200
control_for_plcnext
control_for_raspberry_pi
hmi_v3
control_v3…
|
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2020-12069
|
2024-11-21 13:59 |
2022-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210170
|
7.5 |
HIGH
Network
|
pilz
|
pmc
|
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker without knowledge of the current password.
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2020-12067
|
2024-11-21 13:59 |
2022-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
