Dell EMC NetWorker Incorrect Privilege Assignment Vulnerability

Dell EMC NetWorker is a suite of unified backup and recovery software from Dell USA. The software provides backup and recovery, deduplication elimination, backup reporting and other features. A security vulnerability exists in Dell EMC NetWorker versions prior to 19.3.0.2 that stems from a failur...

CVE-2020-26182

Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' related operations in an unintended manner. The vulnerability is not exploitable by users...

CVE-2020-26182

Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' related operations in an unintended manner. The vulnerability is not exploitable by users...

CVE-2020-26182

Dell EMC NetWorker prior to 19.3.0.2 is vulnerable to an incorrect privilege assignment that lets a non‑LDAP remote user with low privileges perform "saveset" related operations in an unintended manner. LDAP-authenticated users are not exploitable per the sources. The issue is mitigated by upgrad...

CVE-2020-7334

Improper privilege assignment vulnerability in the installer McAfee Application and Change Control MACC prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further...

CVE-2020-7334

Improper privilege assignment vulnerability in the installer McAfee Application and Change Control MACC prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further...

CVE-2020-7334 Improper privilege assignment vulnerability in the installer component of MACC

Improper privilege assignment vulnerability in the installer McAfee Application and Change Control MACC prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further...

The vulnerability of Qualcomm’s AVT driver, related to pointer swapping errors, allows a hacker to gain unauthorized access to protected information.

The vulnerability of Qualcomm’s AVT driver is related to errors in pointer assignment. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to protected information...

Foxit Reader Update Service Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...

Advantech WebAccess Node

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Advantech Equipment: WebAccess Node Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate their...

Denial Of Service (DoS)

laravel/laravel is vulnerable to denial of service DoS. It is possible because it allows mass assignment of Eloquent attributes that included the model's table name...

CVE-2020-3530

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required. The attacker must have valid credentials on the affected device. The...

CVE-2020-3530

Cisco IOS XR Software contains CVE-2020-3530, a privilege-escalation flaw in task group assignment for a specific CLI command. An authenticated, local attacker with valid credentials can issue a command that should require Administrator privileges, due to an incorrect mapping in task group assign...

CVE-2020-24940

An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database in some situations in which table names are stripped during a mass assignment...

CVE-2020-24940

An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database in some situations in which table names are stripped during a mass assignment...

Authentication flaw

An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database in some situations in which table names are stripped during a mass assignment...

CVE-2020-24940

An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database in some situations in which table names are stripped during a mass assignment...

CVE-2020-24940

Laravel CVE-2020-24940 affects Laravel before 6.18.34 and 7.x before 7.23.2. The issue arises when unvalidated values are saved to the database in situations where table names are stripped during mass assignment, enabling unintended database writes. Connected records corroborate the affected vers...

PT-2020-15863 · Taylor Otwell · Laravel

Name of the Vulnerable Software and Affected Versions: Laravel versions prior to 6.18.34 Laravel versions 7.x prior to 7.23.2 Description: An issue allows unvalidated values to be saved to the database in certain situations where table names are stripped during mass assignment. Recommendations: F...

BarracudaDrive v6.5 - Insecure Folder Permissions Vulnerability

Exploit Title: BarracudaDrive v6.5 - Insecure Folder Permissions Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Vendor Homepage: https://barracudaserver.com/ Software Link: https://download.cnet.com/BarracudaDrive/3001-185064-10723210.html Version: v6.5 Tested On: Windows 10 Pro CVSS Base...