Export limit exceeded: 76541 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (76541 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-15565 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2024-11-21 | 8.8 High |
| An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. When page tables are shared between IOMMU and CPU, changes to them require flushing of both TLBs. Furthermore, IOMMUs may be non-coherent, and hence prior to flushing IOMMU TLBs, a CPU cache also needs writing back to memory after changes were made. Such writing back of cached data was missing in particular when splitting large page mappings into smaller granularity ones. A malicious guest may be able to retain read/write DMA access to frames returned to Xen's free pool, and later reused for another purpose. Host crashes (leading to a Denial of Service) and privilege escalation cannot be ruled out. Xen versions from at least 3.2 onwards are affected. Only x86 Intel systems are affected. x86 AMD as well as Arm systems are not affected. Only x86 HVM guests using hardware assisted paging (HAP), having a passed through PCI device assigned, and having page table sharing enabled can leverage the vulnerability. Note that page table sharing will be enabled (by default) only if Xen considers IOMMU and CPU large page size support compatible. | ||||
| CVE-2020-15531 | 1 Silabs | 1 Bluetooth Low Energy Software Development Kit | 2024-11-21 | 8.8 High |
| Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overflow via packet data. This is an over-the-air remote code execution vulnerability in Bluetooth LE in EFR32 SoCs and associated modules running Bluetooth SDK, supporting Central or Observer roles. | ||||
| CVE-2020-15530 | 1 Valvesoftware | 1 Steam Client | 2024-11-21 | 7.8 High |
| An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILES(X86)%\Steam and/or %COMMONPROGRAMFILES(X86)%\Steam have weak permissions during a critical time window. An attacker can make this time window arbitrarily long by using opportunistic locks. | ||||
| CVE-2020-15529 | 1 Gog | 1 Galaxy | 2024-11-21 | 7.8 High |
| An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user installs a game or performs a verify/repair operation. The issue exists because of weak file permissions and can be exploited by using opportunistic locks. | ||||
| CVE-2020-15528 | 1 Gog | 1 Galaxy | 2024-11-21 | 7.8 High |
| An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user starts or uninstalls a game because of weak file permissions and missing file integrity checks. | ||||
| CVE-2020-15523 | 3 Microsoft, Netapp, Python | 3 Windows, Snapcenter, Python | 2024-11-21 | 7.8 High |
| In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application. This occurs because python3X.dll may use an invalid search path for python3.dll loading (after Py_SetPath has been used). NOTE: this issue CANNOT occur when using python.exe from a standard (non-embedded) Python installation on Windows. | ||||
| CVE-2020-15518 | 1 Veeam | 2 Veeam Availability Suite, Veeam Backup \& Replication | 2024-11-21 | 8.8 High |
| VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests. | ||||
| CVE-2020-15515 | 1 Turn\! Project | 1 Turn\! | 2024-11-21 | 8.8 High |
| The turn extension through 0.3.2 for TYPO3 allows Remote Code Execution. | ||||
| CVE-2020-15507 | 1 Mobileiron | 5 Cloud, Core, Enterprise Connector and 2 more | 2024-11-21 | 7.5 High |
| An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read files on the system via unspecified vectors. | ||||
| CVE-2020-15503 | 4 Debian, Fedoraproject, Libraw and 1 more | 4 Debian Linux, Fedora, Libraw and 1 more | 2024-11-21 | 7.5 High |
| LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. | ||||
| CVE-2020-15502 | 1 Duckduckgo | 1 Duckduckgo | 2024-11-21 | 7.5 High |
| The DuckDuckGo application through 5.58.0 for Android, and through 7.47.1.0 for iOS, sends hostnames of visited web sites within HTTPS .ico requests to servers in the duckduckgo.com domain, which might make visit data available temporarily at a Potentially Unwanted Endpoint. NOTE: the vendor has stated "the favicon service adheres to our strict privacy policy. | ||||
| CVE-2020-15496 | 1 Acronis | 1 True Image | 2024-11-21 | 7.8 High |
| Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to insecure folder permissions. | ||||
| CVE-2020-15495 | 1 Acronis | 1 True Image | 2024-11-21 | 7.8 High |
| Acronis True Image 2019 update 1 through 2020 on macOS allows local privilege escalation due to an insecure XPC service configuration. | ||||
| CVE-2020-15488 | 1 Re-desk | 1 Re\ | 2024-11-21 | 7.5 High |
| Re:Desk 2.3 allows insecure file upload. | ||||
| CVE-2020-15484 | 1 Niscomed | 2 M1000 Multipara Patient Monitor, M1000 Multipara Patient Monitor Firmware | 2024-11-21 | 7.5 High |
| An issue was discovered on Nescomed Multipara Monitor M1000 devices. The internal storage of the underlying Linux system stores data in cleartext, without integrity protection against tampering. | ||||
| CVE-2020-15482 | 1 Niscomed | 2 M1000 Multipara Patient Monitor, M1000 Multipara Patient Monitor Firmware | 2024-11-21 | 7.8 High |
| An issue was discovered on Nescomed Multipara Monitor M1000 devices. The device enables an unencrypted TELNET service by default, with a blank password for the admin account. This allows an attacker to gain root access to the device over the local network. | ||||
| CVE-2020-15481 | 1 Passmark | 3 Burnintest, Osforensics, Performancetest | 2024-11-21 | 7.8 High |
| An issue was discovered in PassMark BurnInTest v9.1 Build 1008, OSForensics v7.1 Build 1012, and PerformanceTest v10.0 Build 1008. The kernel driver exposes IOCTL functionality that allows low-privilege users to map arbitrary physical memory into the address space of the calling process. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys drivers. This issue is fixed in BurnInTest v9.2, PerformanceTest v10.0 Build 1009, OSForensics v8.0. | ||||
| CVE-2020-15480 | 1 Passmark | 3 Burnintest, Osforensics, Performancetest | 2024-11-21 | 8.8 High |
| An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The kernel driver exposes IOCTL functionality that allows low-privilege users to read and write to arbitrary Model Specific Registers (MSRs). This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys. | ||||
| CVE-2020-15479 | 1 Passmark | 3 Burnintest, Osforensics, Performancetest | 2024-11-21 | 8.8 High |
| An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The driver's IOCTL request handler attempts to copy the input buffer onto the stack without checking its size and can cause a buffer overflow. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys. | ||||
| CVE-2020-15478 | 1 Journal-theme | 1 Journal | 2024-11-21 | 7.5 High |
| The Journal theme before 3.1.0 for OpenCart allows exposure of sensitive data via SQL errors. | ||||