» 2020 » 2월

CVE-2015-3309

Posted on 2020년 2월 14일2020년 2월 14일 by admin

CVE-2015-3309

Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.2 through 1.5.4 allows remote attackers to read arbitrary files with permissions of the user running the service via a .. (dot dot) in the path parameter of HTTP API requests. NOTE: This vulnerability is due to an incomplete fix to CVE-2015-3297.

Source: CVE-2015-3309

CVE-2014-3208

Posted on 2020년 2월 14일2020년 2월 14일 by admin

CVE-2014-3208

A Denial of Service vulnerability exists in askpop3d 0.7.7 in free (pszQuery),

Source: CVE-2014-3208

CVE-2013-0295

Posted on 2020년 2월 14일2020년 2월 14일 by admin

CVE-2013-0295

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0342. Reason: This candidate is a duplicate of [ID]. Notes: All CVE users should reference CVE-2013-0342 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Source: CVE-2013-0295

CVE-2012-6091

Posted on 2020년 2월 14일2020년 2월 14일 by admin

CVE-2012-6091

Zend_XmlRpc Class in Magento before 1.7.0.2 contains an information disclosure vulnerability.

Source: CVE-2012-6091

CVE-2020-0564

Posted on 2020년 2월 14일2020년 2월 14일 by admin

CVE-2020-0564

Improper permissions in the installer for Intel(R) RWC3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access.

Source: CVE-2020-0564

CVE-2020-0563

Posted on 2020년 2월 14일2020년 2월 14일 by admin

CVE-2020-0563

Improper permissions in the installer for Intel(R) MPSS before version 3.8.6 may allow an authenticated user to potentially enable escalation of privilege via local access.

Source: CVE-2020-0563

CVE-2020-0562

Posted on 2020년 2월 14일2020년 2월 14일 by admin

CVE-2020-0562

Improper permissions in the installer for Intel(R) RWC2, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.

Source: CVE-2020-0562

CVE-2020-0561

Posted on 2020년 2월 14일2020년 2월 14일 by admin

CVE-2020-0561

Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Source: CVE-2020-0561

CVE-2019-14598

Posted on 2020년 2월 14일2020년 2월 14일 by admin

CVE-2019-14598

Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.

Source: CVE-2019-14598

CVE-2012-5623

Posted on 2020년 2월 14일2020년 2월 14일 by admin

CVE-2012-5623

Squirrelmail 4.0 uses the outdated MD5 hash algorithm for passwords.

Source: CVE-2012-5623