5048 matches found
PT-2020-4384 · Microsoft · Sharepoint Foundation +1
Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Foundation affected versions not specified Microsoft SharePoint Enterprise Server affected versions not specified Description: The issue is related to errors in...
UBUNTU-CVE-2020-15250
In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this...
Information Exposure
Overview junit:junit is an unit testing framework for Java Affected versions of this package are vulnerable to Information Exposure. The JUnit4 test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between...
CVE-2020-15838
The Agent Update System in ConnectWise Automate before 2020.8 allows Privilege Escalation because the LTUPDATE folder has weak permissions...
EulerOS 2.0 SP9 : perl-DBI (EulerOS-SA-2020-2170)
According to the versions of the perl-DBI package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the DBI module before 1.643 for Perl. The hvfetch documentation requires checking for NULL and the code does that...
EulerOS 2.0 SP9 : perl-DBI (EulerOS-SA-2020-2180)
According to the versions of the perl-DBI package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the DBI module before 1.643 for Perl. The hvfetch documentation requires checking for NULL and the code does that...
CVE-2020-26894
LiveCode v9.6.1 on Windows allows local, low-privileged users to gain privileges by creating a malicious "cmd.exe" in the folder of the vulnerable LiveCode application. If the application is using LiveCode's "shell" function, it will attempt to search for "cmd.exe" in the folder of the current...
CVE-2020-7316
Unquoted service path vulnerability in McAfee File and Removable Media Protection FRP prior to 5.3.0 allows local users to execute arbitrary code, with higher privileges, via execution and from a compromised folder. This issue may result in files not being encrypted when a policy is triggered...
Design/Logic Flaw
Unquoted service path vulnerability in McAfee File and Removable Media Protection FRP prior to 5.3.0 allows local users to execute arbitrary code, with higher privileges, via execution and from a compromised folder. This issue may result in files not being encrypted when a policy is triggered...
CVE-2020-7316
CVE-2020-7316 maps to an Unquoted service path vulnerability in McAfee File and Removable Media Protection (FRP) prior to 5.3.0. A local attacker could run code with higher privileges by exploiting an unquoted service path and from a compromised folder; this may also cause files to avoid encrypti...
CVE-2020-7316 File and Removable Media Protection update fixes one vulnerability
Unquoted service path vulnerability in McAfee File and Removable Media Protection FRP prior to 5.3.0 allows local users to execute arbitrary code, with higher privileges, via execution and from a compromised folder. This issue may result in files not being encrypted when a policy is triggered...
CVE-2020-26606
An issue was discovered on Samsung mobile devices with O8.x, P9.0, Q10.0, and R11.0 software. An attacker can access certain Secure Folder content via a debugging command. The Samsung ID is SVE-2020-18673 October 2020...
CVE-2020-26606
An issue was discovered on Samsung mobile devices with O8.x, P9.0, Q10.0, and R11.0 software. An attacker can access certain Secure Folder content via a debugging command. The Samsung ID is SVE-2020-18673 October 2020...
Command injection
An issue was discovered on Samsung mobile devices with O8.x, P9.0, Q10.0, and R11.0 software. An attacker can access certain Secure Folder content via a debugging command. The Samsung ID is SVE-2020-18673 October 2020...
CVE-2020-26606
An issue was discovered on Samsung mobile devices with O8.x, P9.0, Q10.0, and R11.0 software. An attacker can access certain Secure Folder content via a debugging command. The Samsung ID is SVE-2020-18673 October 2020...
CVE-2020-26606
CVE-2020-26606 affects Samsung mobile devices running O(8.x) through R(11.0). The issue allows an attacker to access Secure Folder content via a debugging command. The NVD entry cites CVSS 3.1 base score 7.5 (High) with Network attack vector and no privileges required; confidentiality impact High...
CVE-2020-13953
In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run...
CVE-2020-13953
In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run...
CVE-2020-21244
An issue was discovered in FrontAccounting 2.4.7. There is a Directory Traversal vulnerability that can empty folder via admin/instlang.php...
Code injection
In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run...