CWE-732

A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document, aka ‘Microsoft Office Excel Security Feature Bypass’.

AdRem NetCrunch 10.6.0.4587 has an Improper Session Handling vulnerability in the NetCrunch web client, which can lead to an authentication bypass or escalation of privileges.

cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494).

An elevation of privilege vulnerability exists in Windows 10 Update Assistant in the way it handles permissions.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka ‘Windows 10 Update Assistant Elevation of Privilege Vulnerability’.

Insufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass multiple file download protection via a crafted HTML page.

Insufficient policy enforcement in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.