Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-5781

Malware in sbrugna...

9.3CVSS8.8AI score0.00889EPSS
Exploits1References2
NVD
NVD
added 2021/04/09 6:15 p.m.23 views

CVE-2020-13532

A privilege escalation vulnerability exists in Dream Report 5 R20-2. In the default configuration, the Syncfusion Dashboard Service service binary can be replaced by attackers to escalate privileges to NT SYSTEM. An attacker can provide a malicious file to trigger this vulnerability...

9.3CVSS0.00403EPSS
Exploits1References1
Prion
Prion
added 2021/04/09 6:15 p.m.11 views

Privilege escalation

A privilege escalation vulnerability exists in Dream Report 5 R20-2. IIn the default configuration, the following registry keys, which reference binaries with weak permissions, can be abused by attackers to effectively ‘backdoor’ the installation files and escalate privileges when a new user logs...

4.4CVSS7.8AI score0.00418EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/04/09 6:15 p.m.16 views

Privilege escalation

A privilege escalation vulnerability exists in Dream Report 5 R20-2. In the default configuration, the Syncfusion Dashboard Service service binary can be replaced by attackers to escalate privileges to NT SYSTEM. An attacker can provide a malicious file to trigger this vulnerability...

7.2CVSS7.8AI score0.00403EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/04/09 6:15 p.m.19 views

Privilege escalation

A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers CLSID, installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger...

6.8CVSS7.7AI score0.00889EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/04/09 5:50 p.m.64 views

CVE-2020-13532

Dream Report 5 R20-2 is affected by CVE-2020-13532. Talos confirms a privilege-escalation via replacing the Syncfusion Dashboard Service binary when Dream Report is installed by default in C:\ODS with weak permissions, allowing an attacker to escalate to NT SYSTEM by providing a malicious file. R...

9.3CVSS7.8AI score0.00403EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/04/09 5:50 p.m.38 views

CVE-2020-13532

A privilege escalation vulnerability exists in Dream Report 5 R20-2. In the default configuration, the Syncfusion Dashboard Service service binary can be replaced by attackers to escalate privileges to NT SYSTEM. An attacker can provide a malicious file to trigger this vulnerability...

9.3CVSS7.9AI score0.00403EPSS
Exploits1References1
Cvelist
Cvelist
added 2021/04/09 5:50 p.m.15 views

CVE-2020-13533

A privilege escalation vulnerability exists in Dream Report 5 R20-2. IIn the default configuration, the following registry keys, which reference binaries with weak permissions, can be abused by attackers to effectively ‘backdoor’ the installation files and escalate privileges when a new user logs...

9.3CVSS7.9AI score0.00418EPSS
Exploits1References1
CVE
CVE
added 2021/04/09 5:50 p.m.70 views

CVE-2020-13533

Dream Report 5 R20-2 is affected by a privilege escalation vulnerability linked to default weak permissions in the install directory and specific Run keys. The default C:\ODS permissions allow broad access, enabling an attacker to abuse Run keys ods_rtm_launch and ods_usc (mapping to RTM.exe and ...

9.3CVSS7.8AI score0.00418EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/04/09 5:50 p.m.31 views

CVE-2020-13534

A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers CLSID, installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger...

9.3CVSS7.8AI score0.00889EPSS
Exploits1References1
CVE
CVE
added 2021/04/09 5:50 p.m.66 views

CVE-2020-13534

Dream Report 5 R20-2 is affected by CVE-2020-13534, a privilege-escalation vulnerability. The root cause is weak default permissions in components installed by Dream Report (notably COM CLSIDs referencing LocalServer32 and InprocServer32 in the Dream Report System directory C:\ODS). A specially c...

9.3CVSS7.7AI score0.00889EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder