CVE-2020-0951

A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC. To exploit the...

CVE-2020-0951

A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC. To exploit the...

Security feature bypass

A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC. To exploit the...

CVE-2020-0951 Windows Defender Application Control Security Feature Bypass Vulnerability

...

Windows Defender Application Control Security Feature Bypass Vulnerability

A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC. To exploit the...

PT-2020-3927 · Microsoft +1 · Windows Defender Application Control +3

Name of the Vulnerable Software and Affected Versions: Windows Defender Application Control WDAC affected versions not specified Description: A security feature bypass issue exists in Windows Defender Application Control WDAC, allowing an attacker to bypass WDAC enforcement and execute arbitrary...

CVE-2020-7309

Cross Site Scripting vulnerability in ePO extension in McAfee Application Control MAC prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section...

CVE-2020-7309

Cross Site Scripting vulnerability in ePO extension in McAfee Application Control MAC prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section...

Cross site scripting

Cross Site Scripting vulnerability in ePO extension in McAfee Application Control MAC prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section...

CVE-2020-7309 Cross Site Scripting vulnerability in ePO extension of MACC

Cross Site Scripting vulnerability in ePO extension in McAfee Application Control MAC prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section...

CVE-2020-7309

CVE-2020-7309 affects the ePO extension of McAfee Application Control (MAC) prior to version 8.3.1. The vulnerability is a Cross Site Scripting (XSS) flaw in the policy discovery input, allowing an attacker to inject arbitrary web script or HTML. Affected component: ePO extension’s policy discove...

Code injection

SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, allows an attacker to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application...

CVE-2020-6296

SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, allows an attacker to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application...

Code injection

SAP OrientDB, version 3.0, allows an authenticated attacker with script execute/write permissions to inject code that can be executed by the application and lead to Code Injection. An attacker could thereby control the behavior of the application...

CVE-2020-6230

SAP OrientDB, version 3.0, allows an authenticated attacker with script execute/write permissions to inject code that can be executed by the application and lead to Code Injection. An attacker could thereby control the behavior of the application...

CVE-2020-11465

Summary: CVE-2020-11465 affects Deskpro before 2019.8.0. The /api/apps/* endpoints did not properly validate a user’s privileges, enabling an attacker to control/install helpdesk applications and leak current configurations—including apps used as user sources for authentication—and to forge authe...

SYS.2.2.2.A14

Ziel des Bausteins SYS.2.2.2 ist der Schutz von Informationen, die durch und auf Windows 8.1-Clients verarbeiten werden. Die Kern-Anforderung Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

November 12, 2019—KB4525236 (OS Build 14393.3326)

November 12, 2019—KB4525236 OS Build 14393.3326 Reminder The additional servicing for Windows 10 Enterprise, Education, and IoT Enterprise editions ended on April 9, 2019 and doesn't extend beyond this date. To continue receiving security and quality updates, Microsoft recommends updating to the...

Unspecified Vulnerability in IBM Security Guardium Big Data Intelligence

IBM Security Guardium Big Data Intelligence SonarG is a suite of big data security intelligence solutions from IBM, USA. The solution features interactive data exploration, automated connectivity analysis, and user activity analysis. A security vulnerability exists in IBM Security Guardium Big Da...

CVE-2019-0355

SAP NetWeaver Application Server Java Web Container, ENGINEAPI before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP-JEECOR before versions 6.40, 7.0, 7.01, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the...