CVE-2020-7259 Unsigned executable vulnerability in ENS can be used to bypass intended self-protection rules

Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security ENS Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file...

Lenovo System Interface Foundation Input Validation Error Vulnerability

Lenovo System Interface Foundation is a set of software from Lenovo, a Chinese company, for communicating with hardware devices. An input validation error vulnerability exists in Lenovo System Interface Foundation. An attacker could exploit this vulnerability to execute an unsigned DLL file...

CVE-2020-8324

A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed...

CVE-2020-8324

A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed...

Design/Logic Flaw

A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed...

CVE-2020-8324

A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed...

Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Remote Desktop App for Mac in the way it allows an attacker to load unsigned binaries. An attacker could then install programs; view, change, or delete data with the logged in user's privileges. To exploit this vulnerability, an attacker would hav...

Microsoft RMS Sharing App for Mac Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in RMS Sharing App for Mac in the way it allows an attacker to load unsigned binaries. An attacker could then install programs; view, change, or delete data with the logged in user's privileges. To exploit this vulnerability, an attacker would first...

PT-2020-2256

Name of the Vulnerable Software and Affected Versions Microsoft Remote Desktop App for Mac affected versions not specified Description The issue is related to insufficient access restrictions in the Microsoft Remote Desktop App for Mac, allowing an attacker to elevate their privileges. This can b...

Access Restriction Bypass

java-openjdk is vulnerable to Access restriction bypass. Due to some flaws in the Java Virtual Machine JVM and in various Java class implementations, it allows an unsigned applet or application to bypass intended access restrictions...

icedtea security update

CentOS Errata and Security Advisory CESA-2019:2003 An update for icedtea-web is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

DEBIAN-CVE-2019-15796

Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...

CVE-2019-15796

Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...

CVE-2019-15796

Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...

Design/Logic Flaw

Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...

CVE-2019-15796

CVE-2019-15796 affects the Python-apt package where Version.fetch_binary(), Version.fetch_source(), and _fetch_archives() did not verify signed hashes in versions up to 1.9.3ubuntu2, enabling downloads from unsigned repositories. The issue has been fixed in versions 1.9.5, 1.9.0ubuntu1.2, 1.6.5ub...

CVE-2019-15796

Python-apt doesn't check if hashes are signed in Version.fetchbinary and Version.fetchsource of apt/package.py or in fetcharchives of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn't be allowed and has been fixed in verisions 1.9.5...

ASUS Device Activation Code Execution Vulnerability

ASUS Device Activation is a device activation software from Asus ASUS of Taiwan, China. A security vulnerability exists in the DevActSvc.exe file in ASUS Device Activation versions prior to 1.0.7.0 for Windows 10 laptops and desktops. An attacker could exploit the vulnerability to fail to...

CVE-2020-10649

DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10 notebooks and PCs could lead to unsigned code execution with no additional restrictions when a user puts an application at a particular path with a particular file name...

CVE-2020-10649

DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10 notebooks and PCs could lead to unsigned code execution with no additional restrictions when a user puts an application at a particular path with a particular file name...