CVE-2020-16121 – PackageKit provided detailed error messages to unprivileged callers that exposed information
CVE-2020-16121 – PackageKit provided detailed error messages to unprivileged callers that exposed information.
CVE(s)
CVE-2020-22275 – Easy Registration Forms (ER Forms) WordPress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands
Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands.
CVE-2020-7129 – A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2
A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2
CVE-2020-16009 – Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16011 – Heap buffer overflow in UI in Google Chrome
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-9859 – Apple iPadOS, MacOS Catalina, tvOS, Watch OS – Memory Bug
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5.1 and iPadOS 13.5.1, macOS Catalina 10.15.5 Supplemental Update, tvOS 13.4.6, watchOS 6.2.6. An application may be able to execute arbitrary code with kernel privileges.
CVE-2020-2021 – Palo Alto Networks – Critical Security Advisory (SAML)
Recently released versions of PAN-OS contain an important fix for a critical security vulnerability listed on the Palo Alto Networks Security Advisories Site. (https://security.paloaltonetworks.com/CVE-2020-2021)
CVE-2020-1350 – Windows DNS Server Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability.