|
210281
|
7.8 |
HIGH
Local
|
intel
|
board_id_tool
|
Incorrect default permissions in the Intel(R) Board ID Tool version v.1.01 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-24456
|
2024-11-21 14:14 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210282
|
7.5 |
HIGH
Network
|
intel
|
quartus_prime
|
Improper Restriction of XML External Entity Reference in subsystem forIntel(R) Quartus(R) Prime Pro Edition before version 20.3 and Intel(R) Quartus(R) Prime Standard Edition before version 20.2 may …
|
CWE-611
XXE
|
CVE-2020-24454
|
2024-11-21 14:14 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210283
|
6.1 |
MEDIUM
Network
|
adobe
|
connect
|
Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page,…
|
-
|
CVE-2020-24443
|
2024-11-21 14:14 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210284
|
6.1 |
MEDIUM
Network
|
adobe
|
connect
|
Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page,…
|
-
|
CVE-2020-24442
|
2024-11-21 14:14 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210285
|
5.5 |
MEDIUM
Local
|
adobe
|
acrobat_reader
|
Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not properly restrict access to directories created by the application. This could result in disclosure of sensitive information sto…
|
NVD-CWE-Other
|
CVE-2020-24441
|
2024-11-21 14:14 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210286
|
7.8 |
HIGH
Local
|
bluestacks
|
bluestacks
|
Incorrect file permissions in BlueStacks 4 through 4.230 on Windows allow a local attacker to escalate privileges by modifying a file that is later executed by a higher-privileged user.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-24367
|
2024-11-21 14:14 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210287
|
7.2 |
HIGH
Network
|
canto
|
canto
|
The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-24063
|
2024-11-21 14:14 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210288
|
7.8 |
HIGH
Local
|
ilex
|
international_sign\&go
|
Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a symlink attack on ProgramData\Ilex\S&G\Logs\000-sngWSService1.log.
|
CWE-59
Link Following
|
CVE-2020-23968
|
2024-11-21 14:14 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210289
|
9.8 |
CRITICAL
Network
|
a10networks
|
agalaxy
advanced_core_operating_system
|
A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs) have an unauthenticated Remote Code Execution (RCE) vulnerability that could be used to compromise affected ACOS systems. ACO…
|
NVD-CWE-noinfo
|
CVE-2020-24384
|
2024-11-21 14:14 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210290
|
6.1 |
MEDIUM
Network
|
pega
|
pega_platform
|
Pega Platform before 8.4.0 has a XSS issue via stream rule parameters used in the request header.
|
CWE-79
Cross-site Scripting
|
CVE-2020-24353
|
2024-11-21 14:14 |
2020-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
