| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-27524 | Hig | 0.46 | 7.1 | 0.01 | Nov 11, 2020 | On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N+R_CN_AU_P0395) mishandles %x and %s format string specifiers in a device name. This may lead to memory content leaks and potentially crash the services. | ||
| CVE-2020-27523 | Hig | 0.49 | 7.5 | 0.02 | Nov 11, 2020 | Solstice-Pod up to 5.0.2 WEBRTC server mishandles the format-string specifiers %x; %p; %c and %s in the screen_key, display_name, browser_name, and operation_system parameter during the authentication process. This may crash the server and force Solstice-Pod to reboot, which… | ||
| CVE-2020-4685 | Hig | 0.47 | 7.2 | 0.01 | Nov 11, 2020 | A low level user of IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 who has Administration rights to the server where the application is installed, can escalate their privilege from Low level to Super Admin and gain access to Create/Update/Delete any level of… | ||
| CVE-2020-7768 | Hig | 0.00 | 7.5 | 0.04 | Nov 11, 2020 | The package grpc before 1.24.4; the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition. | ||
| CVE-2020-7329 | Hig | 0.47 | 7.2 | 0.02 | Nov 11, 2020 | Server-side request forgery vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers trigger server-side DNS requests to arbitrary domains via carefully constructed XML files loaded by an ePO administrator. | ||
| CVE-2020-7328 | Hig | 0.47 | 7.2 | 0.02 | Nov 11, 2020 | External entity attack vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers to gain control of a resource or trigger arbitrary code execution via improper input validation of an HTTP request, where the content for the attack has… | ||
| CVE-2020-17110 | Hig | 0.51 | 7.8 | 0.04 | Nov 11, 2020 | HEVC Video Extensions Remote Code Execution Vulnerability | ||
| CVE-2020-17109 | Hig | 0.51 | 7.8 | 0.04 | Nov 11, 2020 | HEVC Video Extensions Remote Code Execution Vulnerability | ||
| CVE-2020-17108 | Hig | 0.51 | 7.8 | 0.04 | Nov 11, 2020 | HEVC Video Extensions Remote Code Execution Vulnerability | ||
| CVE-2020-17107 | Hig | 0.51 | 7.8 | 0.04 | Nov 11, 2020 | HEVC Video Extensions Remote Code Execution Vulnerability | ||
| CVE-2020-17106 | Hig | 0.51 | 7.8 | 0.04 | Nov 11, 2020 | HEVC Video Extensions Remote Code Execution Vulnerability | ||
| CVE-2020-17105 | Hig | 0.51 | 7.8 | 0.03 | Nov 11, 2020 | AV1 Video Extension Remote Code Execution Vulnerability | ||
| CVE-2020-17104 | Hig | 0.51 | 7.8 | 0.04 | Nov 11, 2020 | Visual Studio Code JSHint Extension Remote Code Execution Vulnerability | ||
| CVE-2020-17101 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | HEIF Image Extensions Remote Code Execution Vulnerability | ||
| CVE-2020-17091 | Hig | 0.51 | 7.8 | 0.02 | Nov 11, 2020 | Microsoft Teams Remote Code Execution Vulnerability | ||
| CVE-2020-17088 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2020-17087 | Hig | 0.63 | 7.8 | 0.05 | KEV | Nov 11, 2020 | Windows Kernel Local Elevation of Privilege Vulnerability | |
| CVE-2020-17086 | Hig | 0.51 | 7.8 | 0.04 | Nov 11, 2020 | Raw Image Extension Remote Code Execution Vulnerability | ||
| CVE-2020-17084 | Hig | 0.56 | 8.5 | 0.04 | Nov 11, 2020 | Microsoft Exchange Server Remote Code Execution Vulnerability | ||
| CVE-2020-17082 | Hig | 0.51 | 7.8 | 0.03 | Nov 11, 2020 | Raw Image Extension Remote Code Execution Vulnerability | ||
| CVE-2020-17079 | Hig | 0.51 | 7.8 | 0.03 | Nov 11, 2020 | Raw Image Extension Remote Code Execution Vulnerability | ||
| CVE-2020-17078 | Hig | 0.51 | 7.8 | 0.03 | Nov 11, 2020 | Raw Image Extension Remote Code Execution Vulnerability | ||
| CVE-2020-17077 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows Update Stack Elevation of Privilege Vulnerability | ||
| CVE-2020-17076 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | ||
| CVE-2020-17075 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows USO Core Worker Elevation of Privilege Vulnerability | ||
| CVE-2020-17074 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | ||
| CVE-2020-17073 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | ||
| CVE-2020-17070 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows Update Medic Service Elevation of Privilege Vulnerability | ||
| CVE-2020-17068 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows GDI+ Remote Code Execution Vulnerability | ||
| CVE-2020-17067 | Hig | 0.51 | 7.8 | 0.03 | Nov 11, 2020 | Microsoft Excel Security Feature Bypass Vulnerability | ||
| CVE-2020-17066 | Hig | 0.51 | 7.8 | 0.04 | Nov 11, 2020 | Microsoft Excel Remote Code Execution Vulnerability | ||
| CVE-2020-17065 | Hig | 0.51 | 7.8 | 0.04 | Nov 11, 2020 | Microsoft Excel Remote Code Execution Vulnerability | ||
| CVE-2020-17064 | Hig | 0.51 | 7.8 | 0.03 | Nov 11, 2020 | Microsoft Excel Remote Code Execution Vulnerability | ||
| CVE-2020-17062 | Hig | 0.51 | 7.8 | 0.04 | Nov 11, 2020 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | ||
| CVE-2020-17061 | Hig | 0.58 | 8.8 | 0.04 | Nov 11, 2020 | Microsoft SharePoint Remote Code Execution Vulnerability | ||
| CVE-2020-17058 | Hig | 0.49 | 7.5 | 0.03 | Nov 11, 2020 | Microsoft Browser Memory Corruption Vulnerability | ||
| CVE-2020-17057 | Hig | 0.46 | 7.0 | 0.02 | Nov 11, 2020 | Windows Win32k Elevation of Privilege Vulnerability | ||
| CVE-2020-17055 | Hig | 0.51 | 7.8 | 0.03 | Nov 11, 2020 | Windows Remote Access Elevation of Privilege Vulnerability | ||
| CVE-2020-17053 | Hig | 0.49 | 7.5 | 0.03 | Nov 11, 2020 | Internet Explorer Memory Corruption Vulnerability | ||
| CVE-2020-17052 | Hig | 0.49 | 7.5 | 0.02 | Nov 11, 2020 | Scripting Engine Memory Corruption Vulnerability | ||
| CVE-2020-17047 | Hig | 0.51 | 7.5 | 0.25 | Nov 11, 2020 | Windows Network File System Denial of Service Vulnerability | ||
| CVE-2020-17044 | Hig | 0.51 | 7.8 | 0.03 | Nov 11, 2020 | Windows Remote Access Elevation of Privilege Vulnerability | ||
| CVE-2020-17043 | Hig | 0.51 | 7.8 | 0.03 | Nov 11, 2020 | Windows Remote Access Elevation of Privilege Vulnerability | ||
| CVE-2020-17042 | Hig | 0.58 | 8.8 | 0.05 | Nov 11, 2020 | Windows Print Spooler Remote Code Execution Vulnerability | ||
| CVE-2020-17041 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows Print Configuration Elevation of Privilege Vulnerability | ||
| CVE-2020-17038 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Win32k Elevation of Privilege Vulnerability | ||
| CVE-2020-17037 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows WalletService Elevation of Privilege Vulnerability | ||
| CVE-2020-17035 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2020-17034 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows Remote Access Elevation of Privilege Vulnerability | ||
| CVE-2020-17033 | Hig | 0.51 | 7.8 | 0.01 | Nov 11, 2020 | Windows Remote Access Elevation of Privilege Vulnerability |
- risk 0.46cvss 7.1epss 0.01
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N+R_CN_AU_P0395) mishandles %x and %s format string specifiers in a device name. This may lead to memory content leaks and potentially crash the services.
- risk 0.49cvss 7.5epss 0.02
Solstice-Pod up to 5.0.2 WEBRTC server mishandles the format-string specifiers %x; %p; %c and %s in the screen_key, display_name, browser_name, and operation_system parameter during the authentication process. This may crash the server and force Solstice-Pod to reboot, which…
- risk 0.47cvss 7.2epss 0.01
A low level user of IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 who has Administration rights to the server where the application is installed, can escalate their privilege from Low level to Super Admin and gain access to Create/Update/Delete any level of…
- risk 0.00cvss 7.5epss 0.04
The package grpc before 1.24.4; the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition.
- risk 0.47cvss 7.2epss 0.02
Server-side request forgery vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers trigger server-side DNS requests to arbitrary domains via carefully constructed XML files loaded by an ePO administrator.
- risk 0.47cvss 7.2epss 0.02
External entity attack vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20.11 allows remote attackers to gain control of a resource or trigger arbitrary code execution via improper input validation of an HTTP request, where the content for the attack has…
- risk 0.51cvss 7.8epss 0.04
HEVC Video Extensions Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.04
HEVC Video Extensions Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.04
HEVC Video Extensions Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.04
HEVC Video Extensions Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.04
HEVC Video Extensions Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.03
AV1 Video Extension Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.04
Visual Studio Code JSHint Extension Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
HEIF Image Extensions Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.02
Microsoft Teams Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.63cvss 7.8epss 0.05
Windows Kernel Local Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.04
Raw Image Extension Remote Code Execution Vulnerability
- risk 0.56cvss 8.5epss 0.04
Microsoft Exchange Server Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.03
Raw Image Extension Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.03
Raw Image Extension Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.03
Raw Image Extension Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Update Stack Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Update Orchestrator Service Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows USO Core Worker Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Update Orchestrator Service Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Update Orchestrator Service Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Update Medic Service Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows GDI+ Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.03
Microsoft Excel Security Feature Bypass Vulnerability
- risk 0.51cvss 7.8epss 0.04
Microsoft Excel Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.04
Microsoft Excel Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.03
Microsoft Excel Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.04
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
- risk 0.58cvss 8.8epss 0.04
Microsoft SharePoint Remote Code Execution Vulnerability
- risk 0.49cvss 7.5epss 0.03
Microsoft Browser Memory Corruption Vulnerability
- risk 0.46cvss 7.0epss 0.02
Windows Win32k Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.03
Windows Remote Access Elevation of Privilege Vulnerability
- risk 0.49cvss 7.5epss 0.03
Internet Explorer Memory Corruption Vulnerability
- risk 0.49cvss 7.5epss 0.02
Scripting Engine Memory Corruption Vulnerability
- risk 0.51cvss 7.5epss 0.25
Windows Network File System Denial of Service Vulnerability
- risk 0.51cvss 7.8epss 0.03
Windows Remote Access Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.03
Windows Remote Access Elevation of Privilege Vulnerability
- risk 0.58cvss 8.8epss 0.05
Windows Print Spooler Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Print Configuration Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Win32k Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows WalletService Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Remote Access Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Remote Access Elevation of Privilege Vulnerability