CVE-2020-13882

CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file permissions was not working as intended and could be bypassed locally. Because of the race, an unprivileged attacker can set up a log and report file, and contro...

CVE-2020-3350 Cisco AMP for Endpoints and ClamAV Privilege Escalation Vulnerability

A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. A...

Buffer overflow

On the Cypress CYW20735 evaluation board, any data that exceeds 384 bytes is copied and causes an overflow. This is because the maximum BLOC buffer size for sending and receiving data is set to 384 bytes, but everything else is still configured to the usual size of 1092 which was used for...

UBUNTU-CVE-2020-10767

A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB Indirect Branch Prediction Barrier. The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Speculation IBRS is available. This flaw allows a loc...

hw: Special Register Buffer Data Sampling (SRBDS)

A new domain bypass transient execution attack known as Special Register Buffer Data Sampling SRBDS has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker can use this fl...

Internet Bug Bounty: CVE-2020-9383 Floppy OOB read

A vulnerability was found in Linux Kernel up to 5.5.6 Operating System and classified as critical. Affected by this issue is the function setfdc of the file drivers/block/floppy.c. The manipulation with an unknown input leads to a memory corruption vulnerability Out-of-Bounds. Using CWE to declar...

CVE-2020-3344

A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploi...

CVE-2020-12828

CVE-2020-12828 affects the AnchorFree VPN SDK prior to 1.3.3.218. The vulnerable component is the VPN SDK service, which binds a socket on localhost and uses a provided path to a executable file, leading to execution of that malicious file with SYSTEM privileges. The connected Red Hat and CNVD en...

CVE-2020-6470

Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allowed a local attacker to inject arbitrary scripts or HTML UXSS via crafted clipboard contents...

Cisco Firepower Threat Defense Software Shell Access (cisco-sa-ftd-shell-9rhJF68K)

According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a shell access vulnerability in the support tunnel feature due to improper configuration of that feature. An authenticated, local attacker can exploit this, by enabling the support tunnel, setting a key...

CVE-2020-4258

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force...

CVE-2020-4261

The connected IBM bulletin confirms CVE-2020-4261 affects IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (version 9.2.1). Root cause: memory corruption during loading of .anb files, enabling a local attacker to execute arbitrary code by tricking a user into opening a crafted file...

Windows Graphics Component Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability b...

Arbitrary File Write

encryptfs-utils is vulnerable to arbitrary file write. A race condition flaw in mount.ecryptfsprivate could allow a local attacker to overwrite arbitrary files...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. Multiple flaws were found in the ext4 file system code. A local attacker could use these flaws to cause a denial of service by mounting a specially-crafted ext4 file system...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as the sendmsg function in the Linux kernel did not block during UNIX socket garbage collection. This could, potentially, lead to a local denial of service...

CVE-2020-1984

CVE-2020-1984 affects Palo Alto Networks Secdo on Windows. Description: Secdo can try to execute a script at a hardcoded path; if present, a local authenticated user with the ability to create folders or append data at the root of C:\ can obtain system privileges when the path does not exist or i...

USN-4320-1 linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerability

Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory...

CVE-2020-10601

CVE-2020-10601 affects VISAM VBASE Editor (11.5.0.2) and VBASE Web-Remote Module. The root cause is a weak hashing algorithm and insecure permissions, enabling a local attacker to bypass the password‑protected mechanism via brute-force or by overwriting the password hash. Impact is local, allowin...

Zoom Client for Meetings < 4.6.9.19273.0402 Multiple Vulnerabilities (macOS)

The version of Zoom Client for Meetings installed on the remote macOS or Mac OS X host is prior to 4.6.9.19273.0402 and is therefore affected by multiple vulnerabilities. - A privilege escalation vulnerability exists in the Zoom client due to a 'runwithroot' file being placed in a user-writable...