• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-732

CVE-2020-36154

February 26, 2023 by

The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for Everyone in the “%SYSTEMDRIVE%Pearson VUE” directory, which allows local users to obtain administrative privileges via a Trojan horse application.

CVE-2020-3595

February 26, 2023 by

A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root group on the underlying operating system. The vulnerability is due to incorrect permissions being set when the affected command is executed. An attacker could exploit this vulnerability by executing the affected command on an affected system. A successful exploit could allow the attacker to gain root privileges.

CVE-2020-3503

February 26, 2023 by

A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could exploit this vulnerability by connecting to an affected device’s guest shell, and accessing or modifying restricted files. A successful exploit could allow the attacker to view or modify restricted information or configurations that are normally not accessible to system administrators.

CVE-2020-3312

February 26, 2023 by

A vulnerability in the application policy configuration of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data on an affected device. The vulnerability is due to insufficient application identification. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain unauthorized read access to sensitive data.

CVE-2020-29074

February 26, 2023 by

scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user.

CVE-2020-28909

February 26, 2023 by

Incorrect File Permissions in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root via modification of scripts. Low-privileges users are able to modify files that can be executed by sudo.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 51
  • Go to page 52
  • Go to page 53
  • Go to page 54
  • Go to page 55
  • Interim pages omitted …
  • Go to page 144
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE