|
210421
|
7.3 |
HIGH
Local
|
acronis
|
true_image
|
Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory. Because some privileged processes are executed from the C:\ProgramData\Acronis, an unprivileged user can ac…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-10140
|
2024-11-21 13:54 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210422
|
7.8 |
HIGH
Local
|
acronis
|
true_image
|
Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis True Image contains a privileged service that uses this…
|
CWE-665
Improper Initialization
|
CVE-2020-10139
|
2024-11-21 13:54 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210423
|
7.8 |
HIGH
Local
|
acronis
|
cyber_protect
cyber_backup
|
Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis Cyber Backup and Cyber Protect co…
|
CWE-665
Improper Initialization
|
CVE-2020-10138
|
2024-11-21 13:54 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210424
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
<p>An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated pr…
|
NVD-CWE-noinfo
|
CVE-2020-0764
|
2024-11-21 13:54 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210425
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_10
windows_7
windows_server_2012
windows_server_2016
windows_rt_8.1
windows_server_2008
windows_8.1
windows_server_2019
|
Microsoft Graphics Component Denial of Service Vulnerability
|
NVD-CWE-noinfo
|
CVE-2020-0921
|
2024-11-21 13:54 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210426
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
<p>An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.</p>
<p>To exploit this vulnerability, an attacker would first have to gain execution on t…
|
NVD-CWE-noinfo
|
CVE-2020-0766
|
2024-11-21 13:54 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210427
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2012
windows_server_2016
windows_rt_8.1
windows_8.1
windows_server_2019
|
<p>An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run process…
|
NVD-CWE-noinfo
|
CVE-2020-0998
|
2024-11-21 13:54 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210428
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
<p>A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary c…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-0997
|
2024-11-21 13:54 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210429
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_10
windows_server_2019
windows_server_2016
|
<p>An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could…
|
CWE-862
Missing Authorization
|
CVE-2020-0989
|
2024-11-21 13:54 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210430
|
6.7 |
MEDIUM
Local
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
powershell
|
<p>A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this …
|
NVD-CWE-noinfo
|
CVE-2020-0951
|
2024-11-21 13:54 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
