USN-4537-1 aptdaemon vulnerability
Vaisha Bernard discovered that Aptdaemon incorrectly handled the Locale property. A local attacker could use this issue to test for the presence of local files...
Exploit for SQL Injection in Online_Bus_Booking_System_Project Online_Bus_Booking_System
CVE-2020-25273 Online Bus Booking System 1.0, there is Authen...
CVE-2020-14027
An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The database connection strings accept custom unsafe arguments, such as ENABLELOCALINFILE, that can be leveraged by attackers to enable MySQL Load Data Local rogue MySQL server attacks...
CVE-2020-7358 Code Injection in Rapid7 AppSpider Pro Installer
In AppSpider installer versions prior to 7.2.126, the AppSpider installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during an...
Google Android WindowManager Privilege Vulnerability
Android is a Linux-based open source operating system from Google and the Open Handheld Alliance (OHA). A privilege escalation vulnerability exists in the Android-11 version of WindowManager, which stems from launching a malicious application and allows an attacker to escalate privileges locally...
Helm Cross-Site Scripting Vulnerability
helm is a Kubernetes package manager. A security vulnerability exists in Helm versions prior to 2.16.11 and 3.3.2, which can be exploited by an attacker to launch a local attack...
CVE-2020-25212
CVE-2020-25212 affects the NFSv4 client in the Linux kernel and is caused by a TOCTOU mismatch where a size check is performed in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c. This can allow a local attacker to corrupt memory or cause unspecified impacts. The issue is addressed in the upstream k...
Windows Graphics Component Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability b...
FreeBSD : Mbed TLS -- Local side channel attack on classical CBC decryption in (D)TLS (4c69240f-f02c-11ea-838a-0011d823eebd)
Manuel Pegourie-Gonnard reports: When decrypting/authenticating DTLS record in a connection using a CBC ciphersuite without the Encrypt-then-Mac extension (RFC 7366), Mbed TLS used dummy rounds of the compression function associated with the hash used for HMAC in order to hide the length of the...
CVE-2020-23834
CVE-2020-23834 affects Real Time Logic BarracudaDrive v6.5, where insecure permissions on the bd service executable (%SYSTEMDRIVE%\bd\bd.exe) allow a local attacker to replace the file and cause the next boot to run a new bd.exe as LocalSystem, enabling privilege escalation. Documented impact is ...
CVE-2020-8023
CVE-2020-8023 affects openldap2 across multiple SUSE/SOLAS distributions (e.g., SUSE Enterprise Storage 5, SLES variants, openSUSE Leap 15.1/15.2, SAP editions, OpenStack Cloud). The issue is a local privilege escalation triggered by an acceptance of Extraneous Untrusted Data With Trusted Data in...
USN-4479-1: Django vulnerabilities
It was discovered that Django, when used with Python 3.7 or higher, incorrectly handled directory permissions. A local attacker could possibly use this issue to obtain sensitive information, or escalate permissions...
CVE-2020-17393
The CVE-2020-17393 issue affects Parallels Desktop (15.1.3-47255) through the prl_hypervisor kext. A lack of proper validation of user-supplied data can leak a kernel pointer after the handler completes, enabling local information disclosure. While the advisory notes this could be leveraged along...
Dell Encryption and Dell Endpoint Security Suite Elevation of Privilege Vulnerability
Dell Encryption and Dell Endpoint Security Suite are both products of Dell Inc. Dell Encryption is a data protection solution that includes compliance management, authentication, disk data encryption, and port encryption. Dell Endpoint Security Suite i...
MGASA-2020-0333 Updated kernel packages fix security vulnerability
This provides an update to kernel 5.7 series, currently based on upstream 5.7.14, adding support for new hardware and features, and fixes at least the following security issues: An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse fails in...
PT-2020-3980 · Microsoft · Windows Graphics +1
Name of the Vulnerable Software and Affected Versions: Windows Graphics Component (affected versions not specified). Description: The issue is related to the improper handling of objects in memory by the Windows Graphics Component, allowing an attacker to potentially run processes in an elevated...
CVE-2020-7352
CVE-2020-7352 context: The GalaxyClientService in GOG Galaxy runs as SYSTEM on Windows. It ships with an embedded, static RSA private key and listens on localhost:9978, enabling a local attacker with user privileges to execute OS commands in elevated context via crafted inputs. The issue affects...
Windows Graphics Component Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability b...
CVE-2020-8014
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of kopano-spamd of openSUSE Leap 15.1, openSUSE Tumbleweed allowed local attackers with the privileges of the kopano user to escalate to root. This issue affects: openSUSE Leap 15.1 kopano-spamd versions prior to...
PT-2020-3003 · Apache +1 · Apache Tomcat +1
Name of the Vulnerable Software and Affected Versions: tomcat versions prior to 8.0.53-29.32.1; tomcat versions prior to 9.0.35-3.39.1; tomcat versions prior to 9.0.35-3.57.3. Description: A vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BC...