|
209381
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
<p>An elevation of privilege vulnerability exists when the Windows Storage VSP Driver improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated…
|
NVD-CWE-noinfo
|
CVE-2020-16885
|
2024-11-21 14:07 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209382
|
7.1 |
HIGH
Local
|
microsoft
|
windows_server_2016
windows_10
|
<p>An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points. An attacker who successfully exploited this vulnerability could overwrite or delete a targe…
|
NVD-CWE-noinfo
|
CVE-2020-16877
|
2024-11-21 14:07 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209383
|
7.1 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
<p>An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnera…
|
NVD-CWE-noinfo
|
CVE-2020-16876
|
2024-11-21 14:07 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209384
|
7.5 |
HIGH
Network
|
microsoft
|
windows_server_2008
windows_7
|
<p>A denial of service vulnerability exists in Windows Remote Desktop Service when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successful…
|
NVD-CWE-noinfo
|
CVE-2020-16863
|
2024-11-21 14:07 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209385
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_applications_manager
|
Zoho ManageEngine Applications Manager version 14740 and prior allows an authenticated SQL Injection via a crafted jsp request in the RCA module.
|
CWE-89
SQL Injection
|
CVE-2020-16267
|
2024-11-21 14:07 |
2020-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209386
|
7.8 |
HIGH
Local
|
msi
|
ambientlink_mslo64_firmware
|
The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054).
|
CWE-787
Out-of-bounds Write
|
CVE-2020-17382
|
2024-11-21 14:07 |
2020-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209387
|
6.8 |
MEDIUM
Network
|
istio
|
istio
|
In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes (e.g. *-some-suffix) for source principals or n…
|
NVD-CWE-noinfo
|
CVE-2020-16844
|
2024-11-21 14:07 |
2020-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209388
|
6.1 |
MEDIUM
Network
|
ge
|
s2020_firmware
s2024_firmware
|
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow an attacker to trick application users into performing critical application actions that include, …
|
-
|
CVE-2020-16242
|
2024-11-21 14:07 |
2020-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209389
|
7.8 |
HIGH
Local
|
pango
|
hotspot_shield
|
Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earlier may allow an authorized user to potentially enable escalation of privilege via local access. Th…
|
CWE-59
CWE-732
Link Following
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-17365
|
2024-11-21 14:07 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209390
|
7.2 |
HIGH
Network
|
ge
|
asset_performance_management_classic
|
GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for hash calculation of passwords, making it possible to decrypt passwords. This design flaw, along with the IDOR vulnerability, puts …
|
NVD-CWE-Other
|
CVE-2020-16244
|
2024-11-21 14:07 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
