2867 matches found
Design/Logic Flaw
This vulnerability allows local attackers to escalate privileges on affected installations of Foxit Reader 10.0.0.35798. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handli...
CVE-2020-17415
This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PhantomPDF 10.0.0.35798. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
CVE-2020-24246
Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files /filemanager/php/connector.php from Web Admin...
CVE-2020-24246
Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files /filemanager/php/connector.php from Web Admin...
CVE-2020-24246
Peplink Balance before 8.1.0rc1 allows an unauthenticated attacker to download PHP configuration files /filemanager/php/connector.php from Web Admin...
CVE-2020-24356
cloudflared versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems. When run on a Windows system, cloudflared searches for configuration files which could be abused by a malicious entity to execute commands as a privileged user. Version 2020.8.1 fixes thi...
CVE-2020-24356 Local Privilege Escalation in cloudflared
cloudflared versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems. When run on a Windows system, cloudflared searches for configuration files which could be abused by a malicious entity to execute commands as a privileged user. Version 2020.8.1 fixes thi...
Foxit Reader Elevation of Privilege Vulnerability
Foxit Reader is a PDF document reader. An elevation of privilege vulnerability exists in Foxit Reader 10.0.1.35811 and earlier versions in the handling of configuration files used by the update service. The vulnerability stems from incorrect privilege settings on resources used by the update...
Foxit Reader Update Service Incorrect Permission Assignment Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...
Foxit PhantomPDF Update Service Incorrect Permission Assignment Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PhantomPDF. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...
Information leakage vulnerability in CSC-830 of Beijing Sifang Relay Automation Co.
CSC830 PLC is a compact controller for small and medium-sized discrete automation systems and stand-alone automation systems from Beijing Sifang Relay Automation Co. The CSC-830 of Beijing Sifang Relay Automation Co., Ltd. suffers from an information leakage vulnerability that can be exploited by...
CVE-2020-3503
A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could...
CVE-2019-15993
A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI. An attacker could...
Design/Logic Flaw
A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI. An attacker could...
CVE-2019-15993 Cisco Small Business Switches Information Disclosure Vulnerability
A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI. An attacker could...
CVE-2019-15993 Cisco Small Business Switches Information Disclosure Vulnerability
A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI. An attacker could...
McAfee Web Gateway Elevation of Privilege Vulnerability (CNVD-2020-52201)
McAfee Web Gateway is a high-performance secure Web gateway with best-in-class threat protection in a unified appliance software architecture. An elevation of privilege vulnerability exists in McAfee Web Gateway versions prior to 9.2.1. The vulnerability stems from improper user interface access...
CVE-2020-7296
Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface...
CVE-2020-7296
Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface...
Denial of service
A denial of service vulnerability was reported in the Lenovo Vantage component called Lenovo System Interface Foundation prior to version 1.1.19.5 that could allow configuration files to be written to non-standard locations...