CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2020/11/02 12:0 a.m.•1 views

Elevation of Privilege Vulnerability in the sysdiagnose Component of Multiple Apple Products

Apple iOS is an operating system developed for mobile devices.Apple tvOS is an operating system for smart TVs.Apple iPadOS is an operating system for iPad tablets.Apple iOS is an operating system for mobile devices.Apple tvOS is an operating system for smart TVs.Apple tvOS is an operating system...

7.8CVSS6.4AI score0.00336EPSS

Tenable Nessus•added 2020/11/02 12:0 a.m.•240 views

Fedora 32 : 1:java-11-openjdk (2020-fdc79d8e5b)

New in release OpenJDK 11.0.9 2020-10-20: =========================================== Full versions of these release notes can be found at : - https://bitly.com/openjdk1109 - https://builds.shipilev.net/backports-monitor/release-notes-11.0.9.txt Security fixes - JDK-8233624: Enhance JNI linkage -...

Tenable Nessus•added 2020/11/02 12:0 a.m.•252 views

Exploits0References10

Fedora 32 : 1:java-1.8.0-openjdk (2020-a405eea76a)

New in release OpenJDK 8u272 2020-10-20: =========================================== Full versions of these release notes can be found at : - https://bitly.com/openjdk8u272 - https://builds.shipilev.net/backports-monitor/release-notes-openjdk8u272.txt New features - JDK-8245468: Add TLSv1.3...

Tenable Nessus•added 2020/11/02 12:0 a.m.•64 views

Exploits0References10

Fedora 31 : 1:java-11-openjdk (2020-421f817e5f)

OSV•added 2020/10/27 9:15 p.m.•3 views

Exploits0References10

CVE-2020-9782

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files...

7.5CVSS6.3AI score0.01241EPSS

NVD•added 2020/10/27 9:15 p.m.•19 views

CVE-2020-9782

7.5CVSS6.7AI score0.01241EPSS

Cvelist•added 2020/10/27 8:42 p.m.•26 views

CVE-2020-9782

6.7AI score0.01241EPSS

Tenable Nessus•added 2020/10/26 12:0 a.m.•53 views

Fedora 33 : 1:java-11-openjdk (2020-845860fd4f)

OSV•added 2020/10/22 7:15 p.m.•2 views

Exploits0References9

CVE-2020-9901

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8. A local attacker may be able to elevate their privileges...

7.8CVSS7.1AI score0.00336EPSS

Exploits0References3

NVD•added 2020/10/22 7:15 p.m.•16 views

CVE-2020-9901

7.8CVSS0.00336EPSS

Exploits0References3

NVD•added 2020/10/22 6:15 p.m.•12 views

CVE-2020-9900

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A local attacker may be able to elevate their privileges...

7.8CVSS0.00384EPSS

OSV•added 2020/10/22 6:15 p.m.•2 views

CVE-2020-9900

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A local attacker may be able to elevate their privileges...

7.8CVSS7.1AI score0.00384EPSS

CVE•added 2020/10/22 6:3 p.m.•68 views

CVE-2020-9901

CVE-2020-9901 – Apple platforms : An issue in the path validation logic for symbolic links allowed local privilege elevation. Apple fixed this by improved path sanitization, with patches in iOS 13.6, iPadOS 13.6, macOS Catalina 10.15.6, and tvOS 13.4.8. The vulnerability is local and requires no ...

7.8CVSS7AI score0.00336EPSS

Exploits0References3Affected Software4

Cvelist•added 2020/10/22 6:0 p.m.•19 views

CVE-2020-9900

An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6, tvOS 13.4.8, watchOS 6.2.8. A local attacker may be able to elevate their privileges...

7.2AI score0.00384EPSS

CVE•added 2020/10/22 6:0 p.m.•78 views

CVE-2020-9900

CVE-2020-9900 involves a path validation issue in the symlink handling within Apple’s Crash Reporter pathway affecting multiple Apple OS variants (iOS/iPadOS, macOS, tvOS, watchOS). The root cause is improper path sanitization during symlink validation, enabling a local attacker to elevate privil...

7.8CVSS7AI score0.00384EPSS

Exploits0References4Affected Software5

Veracode•added 2020/10/22 1:36 p.m.•11 views

Directory Traversal

superstatic is vulnerable to directory traversal. Lack of validation in the file path allows a user to access to system files through the path name using the ../ characters...

4.5AI score

Exploits0

Positive Technologies•added 2020/10/22 12:0 a.m.•4 views

PT-2020-20850 · Apple · Ios +3

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.6 iPadOS versions prior to 13.6 macOS Catalina versions prior to 10.15.6 tvOS versions prior to 13.4.8 Description: The issue existed within the path validation logic for symlinks, which was addressed with improved pa...

7.8CVSS6.6AI score0.00336EPSS

Positive Technologies•added 2020/10/22 12:0 a.m.•2 views

PT-2020-20849 · Apple · Ipados +4

Name of the Vulnerable Software and Affected Versions: iOS versions prior to 13.6 iPadOS versions prior to 13.6 macOS Catalina versions prior to 10.15.6 tvOS versions prior to 13.4.8 watchOS versions prior to 6.2.8 Description: An issue existed within the path validation logic for symlinks, which...

7.8CVSS6.7AI score0.00384EPSS

Exploits0References6

OSV•added 2020/10/14 7:15 p.m.•3 views

CVE-2020-3427

The Windows Logon installer prior to 4.1.2 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Windows Logon, cause Denia...

7.8CVSS7.2AI score