Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-05 | CVE-2020-12302 | Improper Privilege Management vulnerability in Intel Driver & Support Assistant Improper permissions in the Intel(R) Driver & Support Assistant before version 20.7.26.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
2020-10-05 | CVE-2020-8671 | Always-Incorrect Control Flow Implementation vulnerability in Intel Bios Insufficient control flow management in BIOS firmware 8th, 9th Generation Intel(R) Core(TM) Processors and Intel(R) Celeron(R) Processor 4000 Series may allow an authenticated user to potentially enable information disclosure via local access. | 2.1 |
2020-10-05 | CVE-2020-8228 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times. | 5.0 |
2020-10-05 | CVE-2020-8223 | Improper Privilege Management vulnerability in multiple products A logic error in Nextcloud Server 19.0.0 caused a privilege escalation allowing malicious users to reshare with higher permissions than they got assigned themselves. | 6.5 |
2020-10-05 | CVE-2020-0571 | Information Exposure vulnerability in Intel Bios Improper conditions check in BIOS firmware for 8th Generation Intel(R) Core(TM) Processors and Intel(R) Pentium(R) Silver Processor Series may allow an authenticated user to potentially enable information disclosure via local access. | 2.1 |
2020-10-05 | CVE-2019-14558 | Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable denial of service via adjacent access. | 2.7 |
2020-10-05 | CVE-2019-14557 | Classic Buffer Overflow vulnerability in Intel Bios Buffer overflow in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable elevation of privilege or denial of service via adjacent access. | 5.2 |
2020-10-05 | CVE-2020-25636 | Files or Directories Accessible to External Parties vulnerability in Redhat Ansible 2.10.1 A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. | 7.1 |
2020-10-05 | CVE-2020-26166 | Cross-site Scripting vulnerability in Qdpm 9.1 The file upload functionality in qdPM 9.1 doesn't check the file description, which allows remote authenticated attackers to inject web script or HTML via the attachments info parameter, aka XSS. | 3.5 |
2020-10-05 | CVE-2020-7709 | Unspecified vulnerability in Smallpdf Json-Pointer This affects the package json-pointer before 0.6.1. | 7.2 |