5020 matches found
CVE-2020-0797
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866,...
CVE-2020-0777
CVE-2020-0777 is described in CNVD-2020-23447 as a privilege escalation vulnerability in Microsoft Windows Work Folder Service, arising from improper handling of file operations. The CNVD entry states that an attacker could exploit this with a specially crafted application to run processes with e...
CVE-2020-0777
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866,...
CVE-2020-10458
Path Traversal in admin/imagepaster/operations.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete any folder on the webserver using a dot-dot-slash sequence ../ via the GET parameter crdir, when the GET parameter action is set to df, causing a Denial of Service...
CVE-2020-10458
The Red Hat and CNVD entries, plus the primary CVE listing, confirm a path-traversal flaw in Chadha PHPKB Standard Multi-Language 9. Affected component: admin/imagepaster/operations.php. Root cause: using a dot-dot-slash sequence (../) via the crdir parameter when action=df, enabling deletion of ...
Microsoft Windows Work Folder Service Elevation of Privilege Vulnerability (CNVD-2020-17162)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the Microsoft Windows Work Folder servic...
Microsoft Windows Work Folder Service Elevation of Privilege Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the Microsoft Windows Work Folder servic...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
Windows Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
Windows Work Folder Service Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted...
DEBIAN-CVE-2020-1737
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...
PYSEC-2020-9
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...
PYSEC-2020-9
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...
CVE-2020-1737
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive...
CVE-2020-1737
A flaw was found in the Ansible Engine when using the Extract-Zip function from the winunzip module as the extracted files are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path...