Path traversal
A vulnerability was found in Keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the URL path to the file path. Only a few specific folder hierarchies can be exposed by this flaw...
CVE-2020-14366
A vulnerability was found in Keycloak, where path traversal using URL-encoded path segments in the request is possible because the resources endpoint applies a transformation of the URL path to the file path. Only a few specific folder hierarchies can be exposed by this flaw...
CVE-2020-28340
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via Secure Folder. The Samsung ID is SVE-2020-18546 (November 2020)...
Design/Logic Flaw
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via Secure Folder. The Samsung ID is SVE-2020-18546 (November 2020)...
CVE-2020-28340
Samsung CVE-2020-28340 affects mobile devices running O(8.x) to R(11.0) and describes a vulnerability that allows bypassing Factory Reset Protection via Secure Folder (Samsung ID SVE-2020-18546). NVD reports CVSSv3.1 base score 9.8 (CRITICAL) and CVSSv2 base score 7.5 (HIGH); attack vector NETWOR...
Microsoft SharePoint Information Disclosure Vulnerability (CNVD-2020-61033)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. An information...
Debian DLA-2426-1 : junit4 security update
In junit4, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix-like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default,...
Commvault directory traversal vulnerability
Commvault is a next-generation data management platform, and a directory traversal vulnerability exists in CommCell in Commvault, which could be exploited by attackers to view files outside of the log folder...
Microsoft SharePoint Server Information Disclosure Vulnerability (CNVD-2020-63720)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A security...
CVE-2020-25780
In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder...
jenkins-jira-plugin: plugin information disclosure
Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct folder scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope...
CVE-2020-23864
An issue exists in IOBit Malware Fighter version 8.0.2.547. Local escalation of privileges is possible by dropping a malicious DLL file into the WindowsApps folder...
Design/Logic Flaw
An issue exists in IOBit Malware Fighter version 8.0.2.547. Local escalation of privileges is possible by dropping a malicious DLL file into the WindowsApps folder...
CVE-2020-23864
CVE-2020-23864 affects IOBit Malware Fighter 8.0.2.547. The issue is a local privilege escalation: an attacker can drop a malicious DLL into the WindowsApps folder to gain higher privileges. The connected documents corroborate the same description across multiple sources (NVD, Red Hat, PRION, CVE...
NVIDIA GeForce Experience Denial of Service and Elevation of Privilege Vulnerability
NVIDIA GeForce Experience is graphics card driver update software that helps to check your computer's GeForce drivers and update them to the latest version. A denial of service and elevation of privilege vulnerability exists in NVIDIA GeForce Experience versions prior to 3.20.5.70. The...
CVE-2020-5978
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCALSYSTEM privileges which may lead to a denial of service or escalation of privileges...