Lucene search
K

130 matches found

CVE
CVE
added 2020/11/12 6:24 p.m.73 views

CVE-2020-12328

Intel Thunderbolt DCH drivers for Windows before version 72 are affected by CVE-2020-12328, a protection mechanism failure that may allow a local privileged user to disclose information. Affected products are Intel Thunderbolt 3 and 4 DCH drivers for Windows prior to v72. Intel and system manufac...

4.4CVSS4.8AI score0.00311EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/11/12 6:24 p.m.59 views

CVE-2020-12324

CVE-2020-12324 describes a protection mechanism failure in Intel Thunderbolt DCH drivers for Windows* prior to version 72, potentially allowing an authenticated local user to escalate privileges. Affected products are Intel Thunderbolt 3 and 4 DCH drivers. The advisory and CVE entries indicate a ...

7.8CVSS7.6AI score0.00319EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/11/12 6:24 p.m.37 views

CVE-2020-12324

Protection mechanism failure in some IntelR ThunderboltTM DCH drivers for Windows before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.8AI score0.00319EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/11/12 6:18 p.m.27 views

CVE-2020-12325

Improper buffer restrictions in some IntelR ThunderboltTM DCH drivers for Windows before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access...

7.9AI score0.00319EPSS
Exploits0References1
CVE
CVE
added 2020/11/12 6:18 p.m.64 views

CVE-2020-12325

The CVE-2020-12325 issue is tied to Intel Thunderbolt DCH drivers for Windows (before version 72). Affected component: Intel Thunderbolt DCH drivers for Windows; root cause: improper buffer restrictions. Impact: authenticated local user can potentially escalate privileges. Severity is high (CVSS ...

7.8CVSS7.8AI score0.00319EPSS
Exploits0References1Affected Software1
Intel
Intel
added 2020/11/10 12:0 a.m.30 views

Intel® Thunderbolt™ DCH Drivers for Windows* Advisory

Summary: Potential security vulnerabilities in some Intel® Thunderbolt™ DCH drivers for Windows may allow escalation of privilege or information disclosure. Intel is releasing updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2020-12325 Description: Improper...

7.8CVSS5.9AI score0.00319EPSS
Exploits0
Lenovo
Lenovo
added 2020/11/04 5:9 p.m.36 views

Intel Thunderbolt DCH Drivers for Windows Advisory - Lenovo Support US

No description provided...

7.8CVSS5AI score0.00319EPSS
Exploits0
CNVD
CNVD
added 2020/02/24 12:0 a.m.2 views

D-Link DCH-M225 Arbitrary OS Command Execution Vulnerability

The DCH-M225 is a Wifi portable audio extender. An arbitrary OS command execution vulnerability exists in D-Link DCH-M225 version 1.05b01 and earlier. A remote authenticated administrator can exploit this vulnerability to execute arbitrary OS commands via shell metacharacters in the media rendere...

9CVSS7.9AI score0.0229EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/24 12:0 a.m.2 views

D-Link DCH-M225 Arbitrary OS Command Execution Vulnerability (CNVD-2020-13159)

The DCH-M225 is a Wifi portable audio extender. An arbitrary OS command execution vulnerability exists in D-Link DCH-M225 1.05b01 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName...

10CVSS8AI score0.02811EPSS
Exploits1References1
NVD
NVD
added 2020/02/21 4:15 p.m.16 views

CVE-2020-6842

D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name...

9CVSS7.3AI score0.0229EPSS
Exploits0References2
OSV
OSV
added 2020/02/21 4:15 p.m.3 views

CVE-2020-6842

D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name...

7.2CVSS7.3AI score0.0229EPSS
Exploits0References2
OSV
OSV
added 2020/02/21 4:15 p.m.2 views

CVE-2020-6841

D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter...

9.8CVSS7.6AI score0.02811EPSS
Exploits1References2
NVD
NVD
added 2020/02/21 4:15 p.m.18 views

CVE-2020-6841

D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter...

10CVSS9.9AI score0.02811EPSS
Exploits1References2
Prion
Prion
added 2020/02/21 4:15 p.m.25 views

Design/Logic Flaw

D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name...

9CVSS7.2AI score0.0229EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/02/21 4:15 p.m.16 views

Design/Logic Flaw

D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter...

10CVSS9.8AI score0.02811EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/02/21 3:55 p.m.18 views

CVE-2020-6842

D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name...

7.3AI score0.0229EPSS
Exploits0References2
CVE
CVE
added 2020/02/21 3:55 p.m.113 views

CVE-2020-6842

D-Link DCH-M225 (version 1.05b01 and earlier) is affected. The issue is a command injection where remote authenticated admins can execute arbitrary OS commands via shell metacharacters in the media renderer name, due to insufficient input sanitization. Documented impact aligns with high severity ...

9CVSS7.2AI score0.0229EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/02/21 3:35 p.m.18 views

CVE-2020-6841

D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter...

9.9AI score0.02811EPSS
Exploits1References2
CVE
CVE
added 2020/02/21 3:35 p.m.112 views

CVE-2020-6841

Summary: CVE-2020-6841 affects the D-Link DCH-M225 Wi‑Fi audio extender (versions 1.05b01 and earlier). The vulnerability arises in the spotifyConnect.php script where userName input is not properly neutralized, allowing an attacker to inject shell metacharacters and execute arbitrary OS commands...

10CVSS9.8AI score0.02811EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/02/21 12:0 a.m.38 views

CVE-2020-6842

D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name. Recent assessments: kevthehermit at February 22, 2020 11:00pm UTC reported: This analysis is a transcript of a public gist – Original...

9CVSS2.5AI score0.0229EPSS
Exploits0References3
Rows per page
Query Builder