Skip to main content
CVE-2020-16087 HIGH POC This Week

An issue was discovered in Zalo.exe in VNG Zalo Desktop 19.8.1.0. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Information Disclosure Zalo Desktop
NVD GitHub
CVSS 3.1
8.6
EPSS
1.3%
CVE-2020-24346 HIGH POC This Week

njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Use After Free Memory Corruption Nginx Njs
NVD GitHub
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-24345 HIGH POC This Week

{new new Proxy(a,{})}JSON.parse("[]",a). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Jerryscript
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-24343 HIGH POC This Week

Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Memory Corruption Information Disclosure Mujs
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-24342 HIGH POC PATCH This Week

Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Lua Fedora
NVD GitHub
CVSS 3.1
7.8
EPSS
1.1%
CVE-2020-24331 HIGH POC PATCH This Week

An issue was discovered in TrouSerS through 0.3.14. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Trousers Fedora
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-24330 HIGH POC PATCH This Week

An issue was discovered in TrouSerS through 0.3.14. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Trousers Fedora
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-16303 HIGH POC This Week

A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Use After Free Privilege Escalation Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2020-7360 HIGH POC This Week

An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Smartcontrol
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2020-24344 HIGH POC This Week

{a=arguments}){const arguments}) buffer over-read. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Jerryscript
NVD GitHub
CVSS 3.1
7.1
EPSS
0.8%
CVE-2020-15947 HIGH This Week

A SQL injection vulnerability in the qm_adm/qm_export_stats_run.do endpoint of Loway QueueMetrics before 19.10.21 allows remote authenticated users to execute arbitrary SQL commands via the exportId. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Queuemetrics
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-15925 HIGH This Week

A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.10.21 allows remote authenticated attackers to execute arbitrary SQL commands via the TPF_XPAR1 parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Queuemetrics
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-8732 HIGH This Week

Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Memory Corruption Server Board S2600Wt Firmware +17
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-8731 HIGH This Week

Incorrect execution-assigned permissions in the file system for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware Server System R2000Wt Firmware +15
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-8730 HIGH This Week

Heap-based overflow for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Memory Corruption Server Board S2600Wt Firmware +17
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-8718 HIGH This Week

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2020-8713 HIGH This Week

Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Authentication Bypass Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-8709 HIGH This Week

Improper authentication in socket services for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an unauthenticated user to potentially enable escalation. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Authentication Bypass Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-8708 HIGH This Week

Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Authentication Bypass Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-8707 HIGH This Week

Buffer overflow in daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-8706 HIGH This Week

Buffer overflow in a daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-12301 HIGH PATCH This Week

Improper initialization in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel S2600Wftr Firmware S2600Wf0R Firmware S2600Wfqr Firmware +5
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2020-12300 HIGH PATCH This Week

Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel Memory Corruption S2600Cw2 Firmware S2600Cw2S Firmware +21
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2020-12299 HIGH PATCH This Week

Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity.

Privilege Escalation Intel S2600Stqr Firmware S2600Stbr Firmware S2600Bpsr Firmware +5
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2020-8722 HIGH This Week

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2020-8721 HIGH This Week

Improper input validation for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware Server System R2000Wt Firmware +15
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2020-8719 HIGH This Week

Buffer overflow in subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
8.2
EPSS
0.4%
CVE-2020-0261 HIGH This Week

In C2 flame devices, there is a possible bypass of seccomp due to a missing configuration file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-8687 HIGH PATCH This Week

Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Rste Software Raid
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8681 HIGH PATCH This Week

Out of bounds write in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Privilege Escalation Intel Memory Corruption Graphics Drivers
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-0559 HIGH PATCH This Week

Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Privilege Escalation Intel Microsoft Ac 3165 Firmware Ac 3168 Firmware +74
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0555 HIGH PATCH This Week

Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Intel Ax201 Firmware Ax200 Firmware Ac 9560 Firmware +8
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0513 HIGH PATCH This Week

Out of bounds write for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Privilege Escalation Intel Memory Corruption Graphics Drivers
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-0510 HIGH PATCH This Week

Out of bounds read in some Intel(R) Graphics Drivers before versions 15.45.31.5127 and 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Privilege Escalation Intel Information Disclosure Graphics Drivers
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8763 HIGH PATCH This Week

Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Intel Privilege Escalation Microsoft Realsense D415 Firmware Realsense D435 Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8743 HIGH This Week

Improper permissions in the installer for the Intel(R) Mailbox Interface driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Mailbox Interface Driver
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8736 HIGH This Week

Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Computing Improvement Program
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8729 HIGH This Week

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8714 HIGH This Week

Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Authentication Bypass Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-8712 HIGH This Week

Buffer overflow in a verification process for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an authenticated user to potentially enable escalation of. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-12287 HIGH This Week

Incorrect permissions in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2020.2 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Distribution Of Openvino Toolkit
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-7304 HIGH This Week

Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label. Rated high severity (CVSS 7.6), this vulnerability is low attack complexity. No vendor patch available.

CSRF Data Loss Prevention
NVD
CVSS 3.1
7.6
EPSS
0.5%
CVE-2020-8688 HIGH PATCH This Week

Improper input validation in the Intel(R) RAID Web Console 3 for Windows* may allow an unauthenticated user to potentially enable denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Intel Microsoft Raid Web Console 3
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-8680 HIGH PATCH This Week

Race condition in some Intel(R) Graphics Drivers before version 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.0).

Race Condition Privilege Escalation Intel Graphics Drivers
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2020-0554 HIGH PATCH This Week

Race condition in software installer for some Intel(R) Wireless Bluetooth(R) products on Windows* 7, 8.1 and 10 may allow an unprivileged user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Race Condition Privilege Escalation Intel Microsoft Ac 3165 Firmware +10
NVD
CVSS 3.1
7.0
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy