Total
288 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-12353 | 1 Intel | 1 Data Center Manager | 2024-11-21 | 6.5 Medium |
| Improper permissions in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable denial of service via network access. | ||||
| CVE-2020-12345 | 1 Intel | 1 Data Center Manager | 2024-11-21 | 7.8 High |
| Improper permissions in the installer for the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-12335 | 1 Intel | 1 Processor Identification Utility | 2024-11-21 | 7.8 High |
| Improper permissions in the installer for the Intel(R) Processor Identification Utility before version 6.4.0603 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-12334 | 1 Intel | 1 Advisor Tools | 2024-11-21 | 7.8 High |
| Improper permissions in the installer for the Intel(R) Advisor tools before version 2020 Update 2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-12332 | 1 Intel | 1 Hid Event Filter Driver | 2024-11-21 | 7.8 High |
| Improper permissions in the installer for the Intel(R) HID Event Filter Driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-12330 | 1 Intel | 2 Falcon 8\+ Uas Asctec Thermal Viewer, Falcon 8\+ Uas Asctec Thermal Viewer Firmware | 2024-11-21 | 7.8 High |
| Improper permissions in the installer for the Intel(R) Falcon 8+ UAS AscTec Thermal Viewer, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-10083 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 9.1 Critical |
| GitLab 12.7 through 12.8.1 has Insecure Permissions. Under certain conditions involving groups, project authorization changes were not being applied. | ||||
| CVE-2020-0405 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In NetworkStackNotifier, there is a possible permissions bypass due to an unsafe implicit PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157475111 | ||||
| CVE-2019-7282 | 3 Debian, Fedoraproject, Netkit | 3 Debian Linux, Fedora, Netkit | 2024-11-21 | 5.9 Medium |
| In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. This is similar to CVE-2018-20685. | ||||
| CVE-2019-6995 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.5 Medium |
| An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. Users are able to comment on locked project issues. | ||||
| CVE-2019-6791 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.5 Medium |
| An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control (issue 3 of 3). When a project with visibility more permissive than the target group is imported, it will retain its prior visibility. | ||||
| CVE-2019-20846 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 7.5 High |
| An issue was discovered in Mattermost Server before 5.18.0. It has weak permissions for server-local file storage. | ||||
| CVE-2019-20843 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 7.5 High |
| An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7. There are weak permissions for configuration files. | ||||
| CVE-2019-19620 | 1 Dell | 1 Red Cloak Windows Agent | 2024-11-21 | 3.3 Low |
| In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user can bypass the generation of telemetry alerts by removing NT AUTHORITY\SYSTEM permissions from a file. This is limited in scope to the collection of process-execution telemetry, for executions against specific files where the SYSTEM user was denied access to the source file. | ||||
| CVE-2019-18458 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 2.7 Low |
| An issue was discovered in GitLab Community and Enterprise Edition through 12.4. It has Insecure Permissions (issue 2 of 4). | ||||
| CVE-2019-18457 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 8.8 High |
| An issue was discovered in GitLab Community and Enterprise Edition 11.8 through 12.4 when handling Security tokens.. It has Insecure Permissions. | ||||
| CVE-2019-16539 | 1 Jenkins | 1 Support Core | 2024-11-21 | 6.5 Medium |
| A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles. | ||||
| CVE-2019-15621 | 1 Nextcloud | 1 Nextcloud Server | 2024-11-21 | 6.5 Medium |
| Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link. | ||||
| CVE-2019-14956 | 1 Jetbrains | 1 Youtrack | 2024-11-21 | 4.3 Medium |
| JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without necessary permissions to get other project names. | ||||
| CVE-2019-14841 | 1 Redhat | 2 Decision Manager, Process Automation | 2024-11-21 | 8.8 High |
| A flaw was found in the RHDM, where an authenticated attacker can change their assigned role in the response header. This flaw allows an attacker to gain admin privileges in the Business Central Console. | ||||