Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-02 | CVE-2020-25045 | Uncontrolled Search Path Element vulnerability in Kaspersky Security Center and Security Center web Console Installers of Kaspersky Security Center and Kaspersky Security Center Web Console prior to 12 & prior to 12 Patch A were vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges in the system. | 4.4 |
| 2020-09-02 | CVE-2020-25044 | Unspecified vulnerability in Kaspersky Virus Removal Tool Kaspersky Virus Removal Tool (KVRT) prior to 15.0.23.0 was vulnerable to arbitrary file corruption that could provide an attacker with the opportunity to eliminate content of any file in the system. | 3.6 |
| 2020-09-02 | CVE-2020-25043 | Unspecified vulnerability in Kaspersky VPN Secure Connection The installer of Kaspersky VPN Secure Connection prior to 5.0 was vulnerable to arbitrary file deletion that could allow an attacker to delete any file in the system. | 3.6 |
| 2020-09-02 | CVE-2020-4693 | Improper Input Validation vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior to export. | 7.5 |
| 2020-09-02 | CVE-2020-4546 | Cross-site Scripting vulnerability in IBM products IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. | 3.5 |
| 2020-09-02 | CVE-2020-4522 | Cross-site Scripting vulnerability in IBM products IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. | 3.5 |
| 2020-09-02 | CVE-2020-4445 | Cross-site Scripting vulnerability in IBM products IBM Jazz Team Server based Applications are vulnerable to cross-site scripting. | 3.5 |
| 2020-09-02 | CVE-2020-15167 | Uncontrolled Search Path Element vulnerability in Johnkerl Miller 5.9.0 In Miller (command line utility) using the configuration file support introduced in version 5.9.0, it is possible for an attacker to cause Miller to run arbitrary code by placing a malicious `.mlrrc` file in the working directory. | 4.4 |
| 2020-09-02 | CVE-2020-15094 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. | 8.8 |
| 2020-09-02 | CVE-2020-25026 | Incorrect Authorization vulnerability in Derhansen Event Management and Registration The sf_event_mgt (aka Event management and registration) extension before 4.3.1 and 5.x before 5.1.1 for TYPO3 allows Information Disclosure (participant data, and event data via email) because of Broken Access Control. | 4.0 |