Total
1460 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-13386 | 1 Smartdraw | 1 Smartdraw 2020 | 2024-11-21 | 7.3 High |
| In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder. Additionally, when the product is installed, two scheduled tasks are created on the machine, SDMsgUpdate (Local) and SDMsgUpdate (TE). The scheduled tasks run in the context of the user who installed the product. Both scheduled tasks attempt to run the same binary, C:\SmartDraw 2020\Messages\SDNotify.exe. The folder Messages doesn't exist by default and (by extension) neither does SDNotify.exe. Due to the weak folder permissions, these can be created by any user. A malicious actor can therefore create a malicious SDNotify.exe binary, and have it automatically run, whenever the user who installed the product logs on to the machine. The malicious SDNotify.exe could, for example, create a new local administrator account on the machine. | ||||
| CVE-2020-12842 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-11-21 | 9.8 Critical |
| ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php. | ||||
| CVE-2020-12839 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-11-21 | 9.8 Critical |
| ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php. | ||||
| CVE-2020-12838 | 1 Gogogate | 2 Ismartgate Pro, Ismartgate Pro Firmware | 2024-11-21 | 9.8 Critical |
| ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php. | ||||
| CVE-2020-12831 | 2 Linuxfoundation, Redhat | 2 Free Range Routing, Enterprise Linux | 2024-11-21 | 5.3 Medium |
| An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissions, leading to a possible information leak via tools/frr.in and tools/frrcommon.sh.in. NOTE: some parties consider this user error, not a vulnerability, because the permissions are under the control of the user before any sensitive information is present in the file | ||||
| CVE-2020-12459 | 3 Fedoraproject, Grafana, Redhat | 4 Fedora, Grafana, Enterprise Linux and 1 more | 2024-11-21 | 5.5 Medium |
| In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable. | ||||
| CVE-2020-12458 | 3 Fedoraproject, Grafana, Redhat | 4 Fedora, Grafana, Ceph Storage and 1 more | 2024-11-21 | 5.5 Medium |
| An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords). | ||||
| CVE-2020-12431 | 1 Splashtop | 2 Software Updater, Streamer | 2024-11-21 | 6.6 Medium |
| A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with resultant DLL hijacking. This product is bundled with Splashtop Streamer (before 3.3.8.0) and Splashtop Business (before 3.3.8.0). | ||||
| CVE-2020-12302 | 1 Intel | 1 Driver \& Support Assistant | 2024-11-21 | 7.8 High |
| Improper permissions in the Intel(R) Driver & Support Assistant before version 20.7.26.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-12120 | 1 Prestashop | 1 Correos Express | 2024-11-21 | 7.5 High |
| The Correos Express addon for PrestaShop 1.6 through 1.7 allows remote attackers to obtain sensitive information, such as a service's owner password that can be used to modify orders via SOAP. Attackers can also retrieve information about orders or buyers. | ||||
| CVE-2020-12041 | 1 Baxter | 3 Sigma Spectrum Infusion System, Sigma Spectrum Infusion System Firmware, Wireless Battery Module | 2024-11-21 | 9.4 Critical |
| The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted. Temporary configuration changes to network settings are removed upon reboot. | ||||
| CVE-2020-11911 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 5.3 Medium |
| The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control. | ||||
| CVE-2020-11855 | 1 Microfocus | 1 Operation Bridge Reporter | 2024-11-21 | 7.8 High |
| An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow local attackers on the OBR host to execute code with escalated privileges. | ||||
| CVE-2020-11831 | 1 Oppo | 1 Ovoicemanager | 2024-11-21 | 9.8 Critical |
| OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1. | ||||
| CVE-2020-11827 | 1 Gog | 1 Galaxy | 2024-11-21 | 7.8 High |
| In GOG Galaxy 1.2.67, there is a service that is vulnerable to weak file/service permissions: GalaxyClientService.exe. An attacker can put malicious code in a Trojan horse GalaxyClientService.exe. After that, the attacker can re-start this service as an unprivileged user to escalate his/her privileges and run commands on the machine with SYSTEM rights. | ||||
| CVE-2020-11613 | 1 Mids\' Reborn Hero Designer Project | 1 Mids\' Reborn Hero Designer | 2024-11-21 | 7.8 High |
| Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on the system can replace binaries or plant malicious DLLs to obtain elevated, or different, privileges, depending on the context of the user that runs the application. | ||||
| CVE-2020-11443 | 1 Zoom | 1 It Installer | 2024-11-21 | 8.1 High |
| The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to version 4.6.10 deletes files located in %APPDATA%\Zoom before installing an updated version of the client. Standard users are able to write to this directory, and can write links to other directories on the machine. As the installer runs with SYSTEM privileges and follows these links, a user can cause the installer to delete files that otherwise cannot be deleted by the user. | ||||
| CVE-2020-11107 | 2 Apachefriends, Microsoft | 2 Xampp, Windows | 2024-11-21 | 8.8 High |
| An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-contol.ini for all users (including admins) to enable arbitrary command execution. | ||||
| CVE-2020-10883 | 1 Tp-link | 2 Ac1750, Ac1750 Firmware | 2024-11-21 | 7.8 High |
| This vulnerability allows local attackers to escalate privileges on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the file system. The issue lies in the lack of proper permissions set on the file system. An attacker can leverage this vulnerability to escalate privileges. Was ZDI-CAN-9651. | ||||
| CVE-2020-10782 | 1 Redhat | 1 Ansible Tower | 2024-11-21 | 6.5 Medium |
| An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive information, such tokens and other secrets could be readable and exposed from the rsyslog configuration file, which has set the wrong world-readable permissions. The highest threat from this vulnerability is to confidentiality. This is fixed in Ansible version 3.7.1. | ||||