PT-2023-14632 · Unknown · Livebox Collaboration Vdesk

Name of the Vulnerable Software and Affected Versions: LIVEBOX Collaboration vDesk versions through v018 Description: An issue exists due to Broken Access Control under the "/api/v1/vdesk DOMAIN/export" endpoint. A malicious user, authenticated to the product without any specific privilege, can u...

SAP Basis Automated Note Search Tool CVE-2020-6307 Remote Authorization Bypass Vulnerability

Description SAP Basis is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP Automated Note Search Tool SAP Basis 7.00 SAP Basis 7.01 SAP Basis 7.0...

SAP Disclosure Management CVE-2020-6303 Input Validation Security Vulnerability

Description SAP Disclosure Management is prone to a security vulnerability because it fails to properly sanitize user-supplied input. An attacker may exploit this issue to obtain sensitive information, access or modify data within the context of the affected application; this may aid in further...

Microsoft Windows Search Indexer CVE-2020-0633 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Microsoft Windows Search Indexer CVE-2020-0625 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Microsoft OneDrive for Android CVE-2020-0654 Security Bypass Vulnerability

Description Microsoft OneDrive for Android is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in launching further attacks. Technologies Affected Microsoft OneDrive Recommendations...

Microsoft ASP.NET Core CVE-2020-0603 Remote Code Execution Vulnerability

Description Microsoft ASP.NET Core is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...

Microsoft Windows Search Indexer CVE-2020-0626 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for...

Microsoft Windows CVE-2020-0621 Security Bypass Vulnerability

Description Microsoft Windows is prone to a security bypass vulnerability. Successfully exploiting this issue may allow attackers to bypass certain security restrictions and perform unauthorized actions. This may lead to other attacks. Technologies Affected Microsoft Windows 10 Version 1709 for...

Microsoft Excel CVE-2020-0650 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...

Oracle Java SE/Java SE Embedded CVE-2020-2593 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Networking' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5,...

Oracle Java SE/Java SE Embedded CVE-2020-2583 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Serialization' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5,...

Oracle Java SE/Java SE Embedded/GraalVM CVE-2020-2604 Remote Security Vulnerability

Description Oracle Java SE/Java SE Embedded/GraalVM are prone to a remote security vulnerability. The vulnerability can be exploited over multiple protocols. This issue affects the 'Serialization' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0....

Oracle Database Server cpujan2020 Multiple Remote Security Vulnerabilities

Description Oracle Database Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over the multiple protocols. The 'Core RDBMS' component is affected. These vulnerabilities affect the following supported versions: 12.1.0.2, 12.2.0.1, 18c and 19c...

Oracle E-Business Suite CVE-2020-2666 Remote Security Vulnerability

Description Oracle E-Business Suite is prone to a remote security vulnerability in 'Oracle Applications Framework' product. These vulnerabilities can be exploited over the 'HTTP' protocol. The 'Attachments / File Upload' component is affected. This vulnerability affects the following supported...

Oracle Java SE/Java SE Embedded CVE-2020-2590 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over 'Kerberos' protocol. This issue affects the 'Security' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5, 13.0....

Oracle E-Business Suite cpujan2020 Multiple Security Vulnerabilities

Description Oracle E-Business Suite is prone to multiple security vulnerabilities in 'Human Resources' product. These vulnerabilities affect the following supported versions: 12.1.1 through 12.1.3, 12.2.3 through 12.2.9 Technologies Affected Oracle E-Business Suite 12.1.1 Oracle E-Business Suite...

Oracle Java SE/Java SE Embedded CVE-2020-2601 Remote Security Vulnerability

Description Oracle Java SE and Java SE Embedded are prone to a remote security vulnerability. The vulnerability can be exploited over 'Kerberos' protocol. This issue affects the 'Security' component. This vulnerability affects the following supported versions: Java SE: 7u241, 8u231, 11.0.5, 13.0....

Oracle E-Business Suite cpujan2020 Multiple Security Vulnerabilities

Description Oracle E-Business Suite is prone to multiple security vulnerabilities. These vulnerabilities can be exploited over 'HTTPS' protocol. The 'Preferences', 'Message Hooks', 'Attachments / File Upload' components are affected. These vulnerabilities affect the following supported versions:...

Oracle Java SE CVE-2020-2655 Remote Security Vulnerability

Description Oracle Java SE is prone to a remote security vulnerability. The vulnerability can be exploited over 'HTTPS' protocol. This issue affects the 'JSSE' component. This vulnerability affects the following supported versions: Java SE: 11.0.5, 13.0.1 Technologies Affected Oracle JDKLinux...