Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-22 | CVE-2020-3344 | Classic Buffer Overflow vulnerability in Cisco Advanced Malware Protection FOR Endpoints A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. | 2.1 |
| 2020-05-22 | CVE-2020-3343 | Classic Buffer Overflow vulnerability in Cisco Advanced Malware Protection FOR Endpoints A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. | 2.1 |
| 2020-05-22 | CVE-2020-3314 | Improper Input Validation vulnerability in Cisco Advanced Malware Protection for Endpoints A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the Cisco AMP for Endpoints service. | 5.8 |
| 2020-05-22 | CVE-2020-3280 | Deserialization of Untrusted Data vulnerability in Cisco Unified Contact Center Express 12.0/12.0(1) A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | 10.0 |
| 2020-05-22 | CVE-2020-3272 | Improper Input Validation vulnerability in Cisco Prime Network Registrar A vulnerability in the DHCP server of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.8 |
| 2020-05-22 | CVE-2020-3184 | SQL Injection vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. | 6.5 |
| 2020-05-22 | CVE-2020-13384 | Unrestricted Upload of File with Dangerous Type vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048. | 6.5 |
| 2020-05-21 | CVE-2020-12693 | Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. | 8.1 |
| 2020-05-21 | CVE-2020-1195 | Improper Privilege Management vulnerability in Microsoft Edge An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability'. | 4.3 |
| 2020-05-21 | CVE-2020-1192 | Unspecified vulnerability in Microsoft Visual Studio Code A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. | 9.3 |