|
199051
|
6.5 |
MEDIUM
Network
|
mcafee
|
data_loss_prevention
|
Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user …
|
CWE-269
Improper Privilege Management
|
CVE-2020-7305
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199052
|
7.6 |
HIGH
Adjacent
|
mcafee
|
data_loss_prevention
|
Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label.
|
CWE-352
Origin Validation Error
|
CVE-2020-7304
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199053
|
4.1 |
MEDIUM
Adjacent
|
mcafee
|
data_loss_prevention
|
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user's browser via adding a new l…
|
CWE-79
Cross-site Scripting
|
CVE-2020-7303
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199054
|
6.4 |
MEDIUM
Network
|
mcafee
|
data_loss_prevention
|
Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-7302
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199055
|
4.6 |
MEDIUM
Network
|
mcafee
|
data_loss_prevention
|
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to trigger alerts via the file upload tab in the DLP case manageme…
|
CWE-79
Cross-site Scripting
|
CVE-2020-7301
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199056
|
6.3 |
MEDIUM
Network
|
mcafee
|
data_loss_prevention
|
Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attackers to change the configuration when logged in with view only…
|
CWE-863
Incorrect Authorization
|
CVE-2020-7300
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199057
|
7.8 |
HIGH
Local
|
documalis
|
free_pdf_scanner
free_pdf_editor
|
Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit thi…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-7374
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199058
|
8.8 |
HIGH
Network
|
handysoft
|
hslogin2.dll
|
hslogin2.dll ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. This is due to a lack of…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2020-7810
|
2024-11-21 14:37 |
2020-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199059
|
7.8 |
HIGH
Local
|
raonwiz
|
k_upload
|
MyBrowserPlus downloads the files needed to run the program through the setup file (Setup.inf). At this time, there is a vulnerability in downloading arbitrary files due to insufficient integrity ver…
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2020-7817
|
2024-11-21 14:37 |
2020-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199060
|
7.0 |
HIGH
Local
|
freebsd
|
freebsd
|
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2020-7460
|
2024-11-21 14:37 |
2020-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
