CVE-2020-6465
Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Source: CVE-2020-6465
[월:] 2020년 05월
CVE-2020-6464
CVE-2020-6464
Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Source: CVE-2020-6464
CVE-2020-6460
CVE-2020-6460
Insufficient data validation in URL formatting in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to perform domain spoofing via a crafted domain name.
Source: CVE-2020-6460
CVE-2020-6459
CVE-2020-6459
Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Source: CVE-2020-6459
CVE-2020-6458
CVE-2020-6458
Out of bounds read and write in PDFium in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Source: CVE-2020-6458
CVE-2020-6457
CVE-2020-6457
Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
Source: CVE-2020-6457
CVE-2020-13252
CVE-2020-13252
Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page.
Source: CVE-2020-13252
CVE-2020-12647
CVE-2020-12647
Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 60.0 before 60.0a.5 allows local users to trigger a system fault upon execution of compiled code, or adversely affect confidentiality, integrity, and availability, via crafted syntax.
Source: CVE-2020-12647
CVE-2020-5365
CVE-2020-5365
Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability. The pre-configured support account, remotesupport, is bundled in the Dell EMC Isilon OneFS installation. This account is used for diagnostics and other support functions. Although the default password is different for every cluster, it is predictable.
Source: CVE-2020-5365
CVE-2020-5364
CVE-2020-5364
Dell EMC Isilon OneFS versions 8.2.2 and earlier contain an SNMPv2 vulnerability. The SNMPv2 services is enabled, by default, with a pre-configured community string. This community string allows read-only access to many aspects of the Isilon cluster, some of which are considered sensitive and can foster additional access.
Source: CVE-2020-5364