The vulnerability of the Microsoft Active Directory component of the Cisco Identity Services Engine (ISE) management platform for connections allows a perpetrator to increase their privileges.

The vulnerability of the Microsoft Active Directory component of the Cisco Identity Services Engine ISE management connection policies is related to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

CVE-2020-27122

A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to elevate privileges on an affected device. To exploit this vulnerability, an attacker would need to have a valid administrator account on an affected...

CVE-2020-27122 Cisco Identity Services Engine Privilege Escalation Vulnerability

A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to elevate privileges on an affected device. To exploit this vulnerability, an attacker would need to have a valid administrator account on an affected...

iDS6 DSSPro Digital Signage System 6.2 - Improper Access Control Privilege Escalation

Exploit Title: iDS6 DSSPro Digital Signage System 6.2 - Improper Access Control Privilege Escalation Date: 2020-07-16 Exploit Author: LiquidWorm Vendor Homepage: http://www.yerootech.com Version: 6.2 iDS6 DSSPro Digital Signage System 6.2 Improper Access Control Privilege Escalation Vendor:...

Micro Focus Operations Bridge Manager Service Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Micro Focus Operations Bridge Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

Dell EMC NetWorker Incorrect Privilege Assignment Vulnerability

Dell EMC NetWorker is a suite of unified backup and recovery software from Dell USA. The software provides backup and recovery, deduplication elimination, backup reporting and other features. A security vulnerability exists in Dell EMC NetWorker versions prior to 19.3.0.2 that stems from a failur...

CVE-2020-26182

Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' related operations in an unintended manner. The vulnerability is not exploitable by users...

CVE-2020-26182

Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' related operations in an unintended manner. The vulnerability is not exploitable by users...

CVE-2020-26182

Dell EMC NetWorker prior to 19.3.0.2 is vulnerable to an incorrect privilege assignment that lets a non‑LDAP remote user with low privileges perform "saveset" related operations in an unintended manner. LDAP-authenticated users are not exploitable per the sources. The issue is mitigated by upgrad...

CVE-2020-7334

Improper privilege assignment vulnerability in the installer McAfee Application and Change Control MACC prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further...

CVE-2020-7334

Improper privilege assignment vulnerability in the installer McAfee Application and Change Control MACC prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further...

CVE-2020-7334 Improper privilege assignment vulnerability in the installer component of MACC

Improper privilege assignment vulnerability in the installer McAfee Application and Change Control MACC prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further...

The vulnerability of Qualcomm’s AVT driver, related to pointer swapping errors, allows a hacker to gain unauthorized access to protected information.

The vulnerability of Qualcomm’s AVT driver is related to errors in pointer assignment. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

Foxit Reader Update Service Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...

Advantech WebAccess Node

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Advantech Equipment: WebAccess Node Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate their...

Denial Of Service (DoS)

laravel/laravel is vulnerable to denial of service DoS. It is possible because it allows mass assignment of Eloquent attributes that included the model's table name...

CVE-2020-3530

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The...

CVE-2020-3530

Cisco IOS XR Software contains CVE-2020-3530, a privilege-escalation flaw in task group assignment for a specific CLI command. An authenticated, local attacker with valid credentials can issue a command that should require Administrator privileges, due to an incorrect mapping in task group assign...

CVE-2020-24940

An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database in some situations in which table names are stripped during a mass assignment...

CVE-2020-24940

An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database in some situations in which table names are stripped during a mass assignment...