130 matches found
CVE-2020-12328
Intel Thunderbolt DCH drivers for Windows before version 72 are affected by CVE-2020-12328, a protection mechanism failure that may allow a local privileged user to disclose information. Affected products are Intel Thunderbolt 3 and 4 DCH drivers for Windows prior to v72. Intel and system manufac...
CVE-2020-12324
CVE-2020-12324 describes a protection mechanism failure in Intel Thunderbolt DCH drivers for Windows* prior to version 72, potentially allowing an authenticated local user to escalate privileges. Affected products are Intel Thunderbolt 3 and 4 DCH drivers. The advisory and CVE entries indicate a ...
CVE-2020-12324
Protection mechanism failure in some IntelR ThunderboltTM DCH drivers for Windows before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2020-12325
Improper buffer restrictions in some IntelR ThunderboltTM DCH drivers for Windows before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2020-12325
The CVE-2020-12325 issue is tied to Intel Thunderbolt DCH drivers for Windows (before version 72). Affected component: Intel Thunderbolt DCH drivers for Windows; root cause: improper buffer restrictions. Impact: authenticated local user can potentially escalate privileges. Severity is high (CVSS ...
Intel® Thunderbolt™ DCH Drivers for Windows* Advisory
Summary: Potential security vulnerabilities in some Intel® Thunderbolt™ DCH drivers for Windows may allow escalation of privilege or information disclosure. Intel is releasing updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-12325 Description: Improper...
Intel Thunderbolt DCH Drivers for Windows Advisory - Lenovo Support US
No description provided...
D-Link DCH-M225 Arbitrary OS Command Execution Vulnerability
The DCH-M225 is a Wifi portable audio extender. An arbitrary OS command execution vulnerability exists in D-Link DCH-M225 version 1.05b01 and earlier. A remote authenticated administrator can exploit this vulnerability to execute arbitrary OS commands via shell metacharacters in the media rendere...
D-Link DCH-M225 Arbitrary OS Command Execution Vulnerability (CNVD-2020-13159)
The DCH-M225 is a Wifi portable audio extender. An arbitrary OS command execution vulnerability exists in D-Link DCH-M225 1.05b01 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName...
CVE-2020-6842
D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name...
CVE-2020-6842
D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name...
CVE-2020-6841
D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter...
CVE-2020-6841
D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter...
Design/Logic Flaw
D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name...
Design/Logic Flaw
D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter...
CVE-2020-6842
D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name...
CVE-2020-6842
D-Link DCH-M225 (version 1.05b01 and earlier) is affected. The issue is a command injection where remote authenticated admins can execute arbitrary OS commands via shell metacharacters in the media renderer name, due to insufficient input sanitization. Documented impact aligns with high severity ...
CVE-2020-6841
D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter...
CVE-2020-6841
Summary: CVE-2020-6841 affects the D-Link DCH-M225 Wi‑Fi audio extender (versions 1.05b01 and earlier). The vulnerability arises in the spotifyConnect.php script where userName input is not properly neutralized, allowing an attacker to inject shell metacharacters and execute arbitrary OS commands...
CVE-2020-6842
D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name. Recent assessments: kevthehermit at February 22, 2020 11:00pm UTC reported: This analysis is a transcript of a public gist – Original...