CVE-2020-17043
- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17044, CVE-2020-17055.
Published:
November 11, 2020; 2:15:16 AM -0500
V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2020-17034
- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
Published:
November 11, 2020; 2:15:15 AM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2020-17033
- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
Published:
November 11, 2020; 2:15:15 AM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2020-17032
- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
Published:
November 11, 2020; 2:15:15 AM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2020-17031
- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
Published:
November 11, 2020; 2:15:15 AM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2020-17028
- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
Published:
November 11, 2020; 2:15:15 AM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2020-17027
- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
Published:
November 11, 2020; 2:15:15 AM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2020-17026
- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
Published:
November 11, 2020; 2:15:15 AM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2020-17025
- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055.
Published:
November 11, 2020; 2:15:14 AM -0500
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2020-8577
- SANtricity OS Controller Software versions 11.50.1 and higher are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session.
Published:
November 06, 2020; 12:15:12 PM -0500
V3.1: 5.9 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-24353
- Pega Platform before 8.4.0 has a XSS issue via stream rule parameters used in the request header.
Published:
November 09, 2020; 9:15:14 AM -0500
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-27196
- An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a valid POST endpoint (that may or may not expect JSON...
read CVE-2020-27196
Published:
November 06, 2020; 9:15:16 AM -0500
V3.1: 7.5 HIGH
V2.0: 5.0 MEDIUM
CVE-2020-5945
- In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, undisclosed TMUI page contains a stored cross site scripting vulnerability (XSS). The issue allows a minor privilege escalation for resource admin to escalate to full admin.
Published:
November 05, 2020; 3:15:17 PM -0500
CVE-2020-14222
- HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, o...
read CVE-2020-14222
Published:
November 05, 2020; 12:15:12 PM -0500
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-25170
- An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0 and earlier via multiple input fields that are mishandled in an Excel export.
Published:
November 06, 2020; 12:15:11 PM -0500
V3.1: 7.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2020-25174
- A DLL hijacking vulnerability in the B. Braun OnlineSuite Version AP 3.0 and earlier allows local attackers to execute code on the system as a high privileged user.
Published:
November 06, 2020; 12:15:12 PM -0500
V3.1: 7.8 HIGH
V2.0: 6.9 MEDIUM
CVE-2020-25172
- A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated attackers to upload or download arbitrary files.
Published:
November 06, 2020; 12:15:12 PM -0500
V3.1: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2020-13661
- Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The vic...
read CVE-2020-13661
Published:
November 05, 2020; 2:15:12 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.8 MEDIUM
CVE-2020-13536
- An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary. By default MXVi...
read CVE-2020-13536
Published:
November 05, 2020; 4:15:12 PM -0500
CVE-2020-13537
- An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. Depending on the vector chosen, an attacker can either add code to a script or replace a binary.By default MXVie...
read CVE-2020-13537
Published:
November 05, 2020; 4:15:12 PM -0500