805 matches found
CVE-2020-3201
A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient inp...
CVE-2020-3198 Cisco IOS Software for Cisco Industrial Routers Arbitrary Code Execution Vulnerabilities
Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an...
PT-2020-2874 · Cisco · Cisco Ios Xe
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software (affected versions not specified). Description: A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to escalate their privileges to a user with root-level privileges. The issue is due to...
CVE-2020-5331
RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. Users’ session information could potentially be stored in cache or log files. An authenticated malicious local user with access to the log files may obtain the exposed information to use it in further...
CVE-2019-16011
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to...
edk2: numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2020-0568
Race condition in the Intel® Driver and Support Assistant before version 20.1.5 may allow an authenticated user to potentially enable denial of service via local access...
Cisco SD-WAN Solution Command Injection Vulnerability (CNVD-2020-19236)
Cisco SD-WAN Solution is a suite of network extension solutions from Cisco. The CLI is a command line interface. A command injection vulnerability exists in the CLI in versions prior to Cisco SD-WAN Solution Release 19.2.2, which stems from the program failing to adequately perform input...
CVE-2020-0530
Improper buffer restrictions in firmware for Intel® NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html...
CVE-2020-0507
Unquoted service path in Intel® Graphics Drivers before versions 15.33.49.5100, 15.36.38.5117, 15.40.44.5107, 15.45.30.5103, and 26.20.100.7212 may allow an authenticated user to potentially enable denial of service via local access...
PT-2020-1992 · Cisco · Cisco Fxos +3
Name of the Vulnerable Software and Affected Versions: Cisco FXOS Software versions (affected versions not specified); Cisco UCS Manager Software versions (affected versions not specified). Description: The issue is related to insufficient input validation in the command-line interface of Cisco FXOS...
CVE-2020-3153 Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability
A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths...
PT-2020-1762 · Cisco · Cisco Anyconnect Secure Mobility Client
Name of the Vulnerable Software and Affected Versions: Cisco AnyConnect Secure Mobility Client for Windows versions prior to 4.8.02042. Description: A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy...
CVE-2020-1976
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects GlobalProtect 5.0.5 and earlier versions of GlobalProtect 5.0 on Mac OS...
DEBIAN-CVE-2019-14607
Improper conditions check in multiple Intel® Processors may allow an authenticated user to potentially enable partial escalation of privilege, denial of service and/or information disclosure via local access...
CVE-2019-14603
Improper permissions in the installer for the License Server software for Intel® Quartus® Prime Pro Edition before version 19.3 may allow an authenticated user to potentially enable escalation of privilege via local access...
UBUNTU-CVE-2019-0148
Resource leak in i40e driver for Intel® Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access...
CVE-2019-14566
Insufficient input validation in Intel® SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access...
BSA-2019-869
Security Advisory ID: BSA-2019-869. Component: SANnav. Revision: 1.0. An information exposure vulnerability, in Brocade SANnav versions before v2.0, logs plain text database connection password while triggering support save. The vulnerability could allow an authenticated local malicious user with...
CVE-2019-15962
A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to write files to the /root directory of an affected device. The vulnerability is due to improper permission assignment. An attacker could exploit this vulnerability by...