• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-732

CVE-2020-1704

February 26, 2023 by

An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh (maistra) before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.

CVE-2020-1701

February 26, 2023 by

A flaw was found in the KubeVirt main virt-handler versions before 0.26.0 regarding the access permissions of virt-handler. An attacker with access to create VMs could attach any secret within their namespace, allowing them to read the contents of that secret.

CVE-2020-16990

February 26, 2023 by

Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16985.

CVE-2020-1694

February 26, 2023 by

A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience. This flaw results in some users having access to sensitive information outside of their permissions.

CVE-2020-16202

February 26, 2023 by

WebAccess Node (All versions prior to 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges.

CVE-2020-15910

February 26, 2023 by

SolarWinds N-Central version 12.3 GA and lower does not set the JSESSIONID attribute to HTTPOnly. This makes it possible to influence the cookie with javascript. An attacker could send the user to a prepared webpage or by influencing JavaScript to the extract the JESSIONID. This could then be forwarded to the attacker.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 59
  • Go to page 60
  • Go to page 61
  • Go to page 62
  • Go to page 63
  • Interim pages omitted …
  • Go to page 144
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE