|
197741
|
6.7 |
MEDIUM
Local
|
mcafee
|
active_response
|
Improperly implemented security check in McAfee Active Response (MAR) prior to 2.4.4 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core t…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2020-7326
|
2024-11-21 14:37 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197742
|
8.2 |
HIGH
Local
|
mcafee
|
application_and_change_control
|
Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via…
|
CWE-269
Improper Privilege Management
|
CVE-2020-7334
|
2024-11-21 14:37 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197743
|
8.1 |
HIGH
Network
|
rapid7
|
nexpose
|
A SQL Injection issue in Rapid7 Nexpose version prior to 6.6.49 that may have allowed an authenticated user with a low permission level to access resources & make changes they should not have been ab…
|
CWE-89
SQL Injection
|
CVE-2020-7383
|
2024-11-21 14:37 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197744
|
4.3 |
MEDIUM
Adjacent
|
mcafee
|
epolicy_orchestrator
|
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the adminis…
|
CWE-79
Cross-site Scripting
|
CVE-2020-7318
|
2024-11-21 14:37 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197745
|
4.3 |
MEDIUM
Adjacent
|
mcafee
|
epolicy_orchestrator
|
Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" …
|
CWE-79
Cross-site Scripting
|
CVE-2020-7317
|
2024-11-21 14:37 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197746
|
8.8 |
HIGH
Local
|
mcafee
|
total_protection
|
Privilege Escalation vulnerability in McAfee Total Protection (MTP) trial prior to 4.0.176.1 allows local users to schedule tasks which call malicious software to execute with elevated privileges via…
|
CWE-269
Improper Privilege Management
|
CVE-2020-7330
|
2024-11-21 14:37 |
2020-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197747
|
6.8 |
MEDIUM
Physics
|
siemens
|
dca_vantage_analyzer_firmware
|
A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-20…
|
-
|
CVE-2020-7590
|
2024-11-21 14:37 |
2020-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197748
|
7.3 |
HIGH
Network
|
mathjs
|
mathjs
|
The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2020-7743
|
2024-11-21 14:37 |
2020-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197749
|
7.8 |
HIGH
Local
|
samsung
|
update
|
Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that allows privilege escalation as commands crafted by attacker are executed while the engine deserializes the data received during inter-proces…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-7811
|
2024-11-21 14:37 |
2020-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197750
|
7.8 |
HIGH
Local
|
mcafee
|
file_and_removable_media_protection
|
Unquoted service path vulnerability in McAfee File and Removable Media Protection (FRP) prior to 5.3.0 allows local users to execute arbitrary code, with higher privileges, via execution and from a c…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2020-7316
|
2024-11-21 14:37 |
2020-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
