Total
8212 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32462 | 2 Microsoft, Trendmicro | 2 Windows, Password Manager | 2021-07-23 | 9.0 HIGH | 8.8 HIGH |
| Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations. Authentication is required to exploit this vulnerability. | |||||
| CVE-2021-1051 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2021-07-23 | 6.6 MEDIUM | 8.4 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display. | |||||
| CVE-2008-0454 | 2 Microsoft, Skype Technologies | 3 Internet Explorer, Windows, Skype | 2021-07-23 | 9.3 HIGH | N/A |
| Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Title field of a (1) Dailymotion and possibly (2) Metacafe movie in the Skype video gallery, accessible through a search within the "Add video to chat" dialog, aka "videomood XSS." | |||||
| CVE-2019-8063 | 3 Adobe, Apple, Microsoft | 3 Creative Cloud, Mac Os X, Windows | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage. | |||||
| CVE-2020-4343 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 178244. | |||||
| CVE-2020-12876 | 2 Microsoft, Veritas | 2 Windows, Aptare | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. This vulnerability only impacts Windows server deployments. | |||||
| CVE-2020-3961 | 2 Microsoft, Vmware | 2 Windows, Horizon Client | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system where the software is installed may exploit this issue to run commands as any user. | |||||
| CVE-2020-4468 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 181723. | |||||
| CVE-2020-10861 | 2 Avast, Microsoft | 2 Antivirus, Windows | 2021-07-21 | 6.4 MEDIUM | 7.5 HIGH |
| An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Arbitrary File Deletion from Avast Program Path via RPC, when Self Defense is Enabled. | |||||
| CVE-2020-4288 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 176270. | |||||
| CVE-2020-9613 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a security bypass vulnerability. Successful exploitation could lead to security feature bypass. | |||||
| CVE-2019-7956 | 2 Adobe, Microsoft | 2 Dreamweaver, Windows | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Dreamweaver direct download installer versions 19.0 and below, 18.0 and below have an Insecure Library Loading (DLL hijacking) vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user. | |||||
| CVE-2020-10864 | 2 Avast, Microsoft | 2 Antivirus, Windows | 2021-07-21 | 5.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a reboot via RPC from a Low Integrity process. | |||||
| CVE-2020-4265 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2021-07-21 | 6.9 MEDIUM | 7.3 HIGH |
| IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175648. | |||||
| CVE-2020-4467 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 181721. | |||||
| CVE-2020-9683 | 2 Adobe, Microsoft | 3 Photoshop, Photoshop Cc, Windows | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-3945 | 2 Microsoft, Vmware | 2 Windows, Vrealize Operations | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may obtain sensitive information | |||||
| CVE-2020-4285 | 2 Ibm, Microsoft | 2 I2 Analysts Notebook, Windows | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 176266 | |||||
| CVE-2020-3798 | 2 Adobe, Microsoft | 2 Digital Editions, Windows | 2021-07-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2020-27019 | 2 Microsoft, Trendmicro | 2 Windows, Interscan Messaging Security Virtual Appliance | 2021-07-21 | 2.1 LOW | 5.5 MEDIUM |
| Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key. | |||||