|
209411
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_10
windows_server_2012
windows_server_2016
windows_rt_8.1
windows_8.1
windows_server_2019
|
<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to f…
|
NVD-CWE-noinfo
|
CVE-2020-16854
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209412
|
7.1 |
HIGH
Local
|
microsoft
|
onedrive
|
<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could …
|
CWE-59
Link Following
|
CVE-2020-16853
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209413
|
7.1 |
HIGH
Local
|
microsoft
|
onedrive
|
<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could …
|
NVD-CWE-noinfo
|
CVE-2020-16852
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209414
|
7.1 |
HIGH
Local
|
microsoft
|
onedrive
|
<p>An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links. An attacker who successfully exploited this vulnerability could …
|
CWE-59
Link Following
|
CVE-2020-16851
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209415
|
8.1 |
HIGH
Network
|
razer
|
chroma_sdk
|
Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race condition in which a file created under "%PROGRAMDATA%\Razer Chroma\SDK\Apps…
|
CWE-362
Race Condition
|
CVE-2020-16602
|
2024-11-21 14:07 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209416
|
4.3 |
MEDIUM
Network
|
hoosk
|
hoosk
|
Hoosk Codeigniter CMS before 1.7.2 is affected by a Cross Site Request Forgery (CSRF). When an attacker induces authenticated admin user to a malicious web page, any accounts can be deleted without a…
|
CWE-352
Origin Validation Error
|
CVE-2020-16610
|
2024-11-21 14:07 |
2020-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209417
|
8.3 |
HIGH
Network
|
openstack
|
nova
|
An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously under…
|
CWE-611
XXE
|
CVE-2020-17376
|
2024-11-21 14:07 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209418
|
8.2 |
HIGH
Network
|
hashicorp
|
vault
|
HashiCorp Vault and Vault Enterprise versions 0.8.3 and newer, when configured with the GCP GCE auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1.
|
CWE-287
Improper Authentication
|
CVE-2020-16251
|
2024-11-21 14:07 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209419
|
8.2 |
HIGH
Network
|
hashicorp
|
vault
|
HashiCorp Vault and Vault Enterprise versions 0.7.1 and newer, when configured with the AWS IAM auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1..
|
CWE-345
CWE-290
Insufficient Verification of Data Authenticity
Authentication Bypass by Spoofing
|
CVE-2020-16250
|
2024-11-21 14:07 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209420
|
9.8 |
CRITICAL
Network
|
advantech
|
iview
|
Advantech iView, Versions 5.7 and prior. The affected product is vulnerable to path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availabilit…
|
CWE-22
Path Traversal
|
CVE-2020-16245
|
2024-11-21 14:07 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
