|
218851
|
7.8 |
HIGH
Local
|
amd
|
vbios_flash_tool_software_development_kit
|
A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system.
|
NVD-CWE-noinfo
|
CVE-2020-12927
|
2024-11-21 14:00 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218852
|
6.4 |
MEDIUM
Physics
|
amd
|
trusted_platform_modules_reference
|
The Trusted Platform Modules (TPM) reference software may not properly track the number of times a failed shutdown happens. This can leave the TPM in a state where confidential key material in the TP…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2020-12926
|
2024-11-21 14:00 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218853
|
5.5 |
MEDIUM
Local
|
amd
|
energy_driver_for_linux
|
A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks.…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2020-12912
|
2024-11-21 14:00 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218854
|
9.8 |
CRITICAL
Network
|
westerndigital
|
my_cloud_firmware
|
Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devi…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-12830
|
2024-11-21 14:00 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218855
|
7.5 |
HIGH
Network
|
arista
|
cloudvision_exchange
|
Arista’s CloudVision eXchange (CVX) server before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (crash and res…
|
NVD-CWE-noinfo
|
CVE-2020-13100
|
2024-11-21 14:00 |
2020-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218856
|
5.5 |
MEDIUM
Local
|
amd
|
atikmdag.sys
|
A denial of service vulnerability exists in the D3DKMTEscape handler functionality of AMD ATIKMDAG.SYS (e.g. version 26.20.15029.27017). A specially crafted D3DKMTEscape API request can cause an out-…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-12933
|
2024-11-21 14:00 |
2020-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218857
|
7.8 |
HIGH
Local
|
amd
|
ryzen_master
|
A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system.
|
NVD-CWE-noinfo
|
CVE-2020-12928
|
2024-11-21 14:00 |
2020-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218858
|
5.5 |
MEDIUM
Local
|
amd
|
atikmdag.sys
|
A denial of service vulnerability exists in the D3DKMTCreateAllocation handler functionality of AMD ATIKMDAG.SYS (e.g. version 26.20.15029.27017). A specially crafted D3DKMTCreateAllocation API reque…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-12911
|
2024-11-21 14:00 |
2020-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218859
|
6.1 |
MEDIUM
Network
|
webmin
|
webmin
|
XSS exists in Webmin 1.941 and earlier affecting the Save function of the Read User Email Module / mailboxes Endpoint when attempting to save HTML emails. This module parses any output without saniti…
|
CWE-79
Cross-site Scripting
|
CVE-2020-12670
|
2024-11-21 14:00 |
2020-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218860
|
9.1 |
CRITICAL
Network
|
fusionauth
|
samlv2
|
FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack".
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2020-12676
|
2024-11-21 14:00 |
2020-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
