7874 matches found
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in do_token_out routines. This flaw allows a guest user to crash the QEMU process resulting in a denial of service or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
...
chalona-server (>=1.0.25 <=1.0.26), fbkt (>=1.0.4 <=2.0.10) +10 more potentially affected by unknown CVE via sql-injection (>=0.0.5 <=0.0.7)
sql-injection NPM version =0.0.5, =1.0.25, =1.0.4, =1.0.2, =1.0.0, =1.0.1, =1.0.1, =1.0.0, =0.0.1, =1.0.0, =0.9.49, =2.0.0, =2.0.4 Source cves: unknown CVE Source advisory: OSV:GHSA-HVXQ-J2R4-4JM8...
ALPINE-CVE-2020-14364
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash...
BlazeDVD 7.0 Professional Buffer Overflow
Title: BlazeDVD 7.0 Professional - '.plf' Local Buffer Overflow SEH,ASLR,DEP Author: emalp Date: 2020-08-31 Vendor Homepage: http://www.blazevideo.com/ Software Link: http://www.blazevideo.com/download/BlazeDVDProSetup.exe Version: 7.0.0.0 Tested on: Windows 7 Home Basic Run this file bfile.plf...
The vulnerability of the Windows Setup application installation process allows a hacker to exploit their privileges.
The vulnerability of the Windows Setup application’s installation service is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker to increase their privileges...
UBUNTU-CVE-2020-14364
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setuplen' exceeds its 'databuf4096' in the dotokenin, dotokenout routines. This flaw allows a guest user to crash...
kubernetes kubeadm-ha-setup kubernetes-cni kubernetes-cni-plugins security update
kubernetes 1.12.10-1.0.15 - Address CVE-2020-16845 kubeadm-ha-setup 0.0.2-1.0.73 - Fix update to coredns image tag 0.0.2-1.0.72 - Address CVE-2020-16845 kubernetes-cni 0.7.1-1.0.3 - Pin min version of cni-plugins kubernetes-cni-plugins 0.8.6-1.0.3 - Address CVE-2020-16845...
Oracle Linux 7 : kubernetes / kubeadm-ha-setup / kubernetes-cni / kubernetes-cni-plugins (ELSA-2020-5825)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5825 advisory. - Address CVE-2020-16845 kubeadm-ha-setup - Address CVE-2020-16845 kubernetes-cni Tenable has extracted the preceding description block directly from the Oracle...
KITT-Lite
This is a Python-based pentesting CLI tool. The tool is designed to extract WPS Wi-Fi Protected Setup pins from vulnerable routers. It uses various tools such as Piexiewps, Reaver, Bully, Aircrack Suite, and Wash in an automated way to achieve its goal. The tool is likely used for penetration...
Kali Linux 2020.3 Release - Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! Quarter 3 – Kali Linux 20202.3. This release has various impressive updates. A quick overview of what’s new since the last release in May 2020: New Shell – Starting the process to switch from “Bash” to “ZSH “ The release of “Win-Kex ” – Get readyWSL2 Automatin...
CVE-2020-1571
An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions. A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or...
CVE-2020-1571
An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions. A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or...
Privilege escalation
An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions. A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or...
CVE-2020-1571 Windows Setup Elevation of Privilege Vulnerability
...
CVE-2020-1571
Technical details about CVE-2020-1571 are not provided in the supplied documents. The records reference a Windows Setup elevation-of-privilege issue with no specific affected builds, root cause, exploit info, or fixes disclosed here. Monitor for updates.
CVE-2020-1571
An elevation of privilege vulnerability exists in Windows Setup in the way it handles permissions.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka ‘Windows Setup Elevation of Privilege Vulnerability’. Recent assessments: gwillcox-r7 at September 01,...
CVE-2020-15145
In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios. 1. A local regular user may modify the existing C:\ProgramData\ComposerSetup\bin\composer.bat in order to get elevated comma...
CVE-2020-15145
In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios. 1. A local regular user may modify the existing C:\ProgramData\ComposerSetup\bin\composer.bat in order to get elevated comma...
Design/Logic Flaw
In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios. 1. A local regular user may modify the existing C:\ProgramData\ComposerSetup\bin\composer.bat in order to get elevated comma...
CVE-2020-15145 Local privilege elevation in Composer-Setup for Windows
In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios. 1. A local regular user may modify the existing C:\ProgramData\ComposerSetup\bin\composer.bat in order to get elevated comma...