|
210801
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
tvos
iphone_os
watchos
ipados
|
An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 1…
|
CWE-59
Link Following
|
CVE-2020-10003
|
2024-11-21 13:54 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210802
|
5.5 |
MEDIUM
Local
|
apple
|
mac_os_x
tvos
itunes
iphone_os
watchos
icloud
ipados
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Wi…
|
NVD-CWE-noinfo
|
CVE-2020-10002
|
2024-11-21 13:54 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210803
|
7.3 |
HIGH
Local
|
acronis
|
true_image
|
Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can ac…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-10140
|
2024-11-21 13:54 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210804
|
7.8 |
HIGH
Local
|
acronis
|
true_image
|
Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis True Image contains a privileged service that uses this…
|
CWE-665
Improper Initialization
|
CVE-2020-10139
|
2024-11-21 13:54 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210805
|
7.8 |
HIGH
Local
|
acronis
|
cyber_protect
cyber_backup
|
Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis Cyber Backup and Cyber Protect co…
|
CWE-665
Improper Initialization
|
CVE-2020-10138
|
2024-11-21 13:54 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210806
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
<p>An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated pr…
|
NVD-CWE-noinfo
|
CVE-2020-0764
|
2024-11-21 13:54 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210807
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_10
windows_7
windows_server_2012
windows_server_2016
windows_rt_8.1
windows_server_2008
windows_8.1
windows_server_2019
|
Microsoft Graphics Component Denial of Service Vulnerability
|
NVD-CWE-noinfo
|
CVE-2020-0921
|
2024-11-21 13:54 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210808
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
<p>An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.</p>
<p>To exploit this vulnerability, an attacker would first have to gain execution on t…
|
NVD-CWE-noinfo
|
CVE-2020-0766
|
2024-11-21 13:54 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210809
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2012
windows_server_2016
windows_rt_8.1
windows_8.1
windows_server_2019
|
<p>An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run process…
|
NVD-CWE-noinfo
|
CVE-2020-0998
|
2024-11-21 13:54 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210810
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
<p>A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary c…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-0997
|
2024-11-21 13:54 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
