| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-15822 | Hig | 0.48 | 7.3 | 0.01 | Oct 19, 2020 | In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped. | ||
| CVE-2020-7195 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A iccselectrules expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7194 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A perfaddormoddevicemonitor expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7193 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7192 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A devicethresholdconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7191 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A devsoftsel expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7190 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A deviceselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7189 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A faultflasheventselectfact expression language injectionremote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7188 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A userselectpagingcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7187 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A reportpage index expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7186 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A powershellconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7185 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A tvxlanlegend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7184 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A viewbatchtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7183 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A forwardredirect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7182 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A sshconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7181 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A smsrulesdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7180 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A ictexpertdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7179 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A thirdpartyperfselecttask expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7178 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A mediaforaction expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7177 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A wmiconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7176 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A viewtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7175 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A iccselectdymicparam expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7174 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A soapconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-7173 | Hig | 0.57 | 8.8 | 0.03 | Oct 19, 2020 | A actionselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-24630 | Hig | 0.57 | 8.8 | 0.02 | Oct 19, 2020 | A remote operatoronlinelist_content privilege escalation vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). | ||
| CVE-2020-16161 | Hig | 0.49 | 7.5 | 0.02 | Oct 19, 2020 | GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_ScaledData(). Parsing malicious input can result in a crash. | ||
| CVE-2020-16160 | Hig | 0.49 | 7.5 | 0.01 | Oct 19, 2020 | GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Decompress(). Parsing malicious input can result in a crash. | ||
| CVE-2020-16158 | Hig | 0.57 | 8.8 | 0.02 | Oct 19, 2020 | GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerability in GPMF_ExpandComplexTYPE(). Parsing malicious input can result in a crash or potentially arbitrary code execution. | ||
| CVE-2020-24266 | Hig | 0.49 | 7.5 | 0.03 | Oct 19, 2020 | An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service. | ||
| CVE-2020-24265 | Hig | 0.49 | 7.5 | 0.03 | Oct 19, 2020 | An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service. | ||
| CVE-2020-15909 | Hig | 0.57 | 8.8 | 0.02 | Oct 19, 2020 | SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. The N-Central JSESSIONID cookie attribute is not checked against multiple sources such as sourceip, MFA claim, etc. as long as the victim stays logged in within… | ||
| CVE-2020-13778 | Hig | 0.58 | 8.8 | 0.04 | Oct 19, 2020 | rConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a forged GET request to lib/ajaxHandlers/ajaxAddTemplate.php or lib/ajaxHandlers/ajaxEditTemplate.php. | ||
| CVE-2020-7745 | Hig | 0.46 | 7.1 | 0.03 | Oct 19, 2020 | This affects the package MintegralAdSDK before 6.6.0.0. The SDK distributed by the company contains malicious functionality that acts as a backdoor. Mintegral and their partners (advertisers) can remotely execute arbitrary code on a user device. | ||
| CVE-2020-1243 | Hig | 0.51 | 7.8 | 0.01 | Oct 16, 2020 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest… | ||
| CVE-2020-1167 | Hig | 0.51 | 7.8 | 0.04 | Oct 16, 2020 | A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would… | ||
| CVE-2020-1080 | Hig | 0.57 | 8.8 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system. This vulnerability… | ||
| CVE-2020-1047 | Hig | 0.51 | 7.8 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system. This vulnerability… | ||
| CVE-2020-17023 | Hig | 0.51 | 7.8 | 0.04 | Oct 16, 2020 | A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is… | ||
| CVE-2020-17022 | Hig | 0.51 | 7.8 | 0.04 | Oct 16, 2020 | A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program… | ||
| CVE-2020-17003 | Hig | 0.51 | 7.8 | 0.04 | Oct 16, 2020 | A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory. An attacker who successfully exploited the vulnerability would gain execution on a victim system. The security update addresses the vulnerability by… | ||
| CVE-2020-16995 | Hig | 0.51 | 7.8 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists in Network Watcher Agent virtual machine extension for Linux. An attacker who successfully exploited this vulnerability could execute code with elevated privileges. To exploit this vulnerability, an attacker would have to… | ||
| CVE-2020-16980 | Hig | 0.51 | 7.8 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows iSCSI Target Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first need… | ||
| CVE-2020-16977 | Hig | 0.46 | 7.0 | 0.03 | Oct 16, 2020 | A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads a Jupyter notebook file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on… | ||
| CVE-2020-16976 | Hig | 0.51 | 7.8 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | ||
| CVE-2020-16975 | Hig | 0.51 | 7.8 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | ||
| CVE-2020-16974 | Hig | 0.51 | 7.8 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | ||
| CVE-2020-16973 | Hig | 0.51 | 7.8 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | ||
| CVE-2020-16972 | Hig | 0.51 | 7.8 | 0.01 | Oct 16, 2020 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | ||
| CVE-2020-16969 | Hig | 0.46 | 7.1 | 0.03 | Oct 16, 2020 | An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an… | ||
| CVE-2020-16968 | Hig | 0.51 | 7.8 | 0.05 | Oct 16, 2020 | A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with… |
- risk 0.48cvss 7.3epss 0.01
In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.
- risk 0.57cvss 8.8epss 0.03
A iccselectrules expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A perfaddormoddevicemonitor expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A devicethresholdconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A devsoftsel expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A deviceselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A faultflasheventselectfact expression language injectionremote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A userselectpagingcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A reportpage index expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A powershellconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A tvxlanlegend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A viewbatchtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A forwardredirect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A sshconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A smsrulesdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A ictexpertdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A thirdpartyperfselecttask expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A mediaforaction expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A wmiconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A viewtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A iccselectdymicparam expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A soapconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.03
A actionselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.57cvss 8.8epss 0.02
A remote operatoronlinelist_content privilege escalation vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
- risk 0.49cvss 7.5epss 0.02
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_ScaledData(). Parsing malicious input can result in a crash.
- risk 0.49cvss 7.5epss 0.01
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Decompress(). Parsing malicious input can result in a crash.
- risk 0.57cvss 8.8epss 0.02
GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerability in GPMF_ExpandComplexTYPE(). Parsing malicious input can result in a crash or potentially arbitrary code execution.
- risk 0.49cvss 7.5epss 0.03
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
- risk 0.49cvss 7.5epss 0.03
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
- risk 0.57cvss 8.8epss 0.02
SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. The N-Central JSESSIONID cookie attribute is not checked against multiple sources such as sourceip, MFA claim, etc. as long as the victim stays logged in within…
- risk 0.58cvss 8.8epss 0.04
rConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a forged GET request to lib/ajaxHandlers/ajaxAddTemplate.php or lib/ajaxHandlers/ajaxEditTemplate.php.
- risk 0.46cvss 7.1epss 0.03
This affects the package MintegralAdSDK before 6.6.0.0. The SDK distributed by the company contains malicious functionality that acts as a backdoor. Mintegral and their partners (advertisers) can remotely execute arbitrary code on a user device.
- risk 0.51cvss 7.8epss 0.01
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest…
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would…
- risk 0.57cvss 8.8epss 0.01
An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system. This vulnerability…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system. This vulnerability…
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is…
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program…
- risk 0.51cvss 7.8epss 0.04
A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory. An attacker who successfully exploited the vulnerability would gain execution on a victim system. The security update addresses the vulnerability by…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists in Network Watcher Agent virtual machine extension for Linux. An attacker who successfully exploited this vulnerability could execute code with elevated privileges. To exploit this vulnerability, an attacker would have to…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists when the Windows iSCSI Target Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first need…
- risk 0.46cvss 7.0epss 0.03
A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads a Jupyter notebook file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- risk 0.46cvss 7.1epss 0.03
An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user. To exploit the vulnerability, an…
- risk 0.51cvss 7.8epss 0.05
A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with…