• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-732

CVE-2020-15838

February 26, 2023 by

The Agent Update System in ConnectWise Automate before 2020.8 allows Privilege Escalation because the _LTUPDATE folder has weak permissions.

CVE-2020-15776

February 26, 2023 by

An issue was discovered in Gradle Enterprise 2018.2 – 2020.2.4. The CSRF prevention token is stored in a request cookie that is not annotated as HttpOnly. An attacker with the ability to execute arbitrary code in a user’s browser could impose an arbitrary value for this token, allowing them to perform cross-site request forgery.

CVE-2020-15708

February 26, 2023 by

Ubuntu’s packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.

CVE-2020-15697

February 26, 2023 by

An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users.

CVE-2020-15528

February 26, 2023 by

An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user starts or uninstalls a game because of weak file permissions and missing file integrity checks.

CVE-2020-15529

February 26, 2023 by

An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user installs a game or performs a verify/repair operation. The issue exists because of weak file permissions and can be exploited by using opportunistic locks.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 60
  • Go to page 61
  • Go to page 62
  • Go to page 63
  • Go to page 64
  • Interim pages omitted …
  • Go to page 144
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE