CVE-2019-3588
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages – Threat Alert Window when the Windows Login Screen is locked.
Source: CVE-2019-3588
CVE-2019-3613
DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a compromised folder.
Source: CVE-2019-3613
CVE-2019-3617
Privilege escalation vulnerability in McAfee Total Protection (ToPS) for Mac OS prior to 4.6 allows local users to gain root privileges via incorrect protection of temporary files.
Source: CVE-2019-3617
CVE-2020-13996
The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager.
Source: CVE-2020-13996
CVE-2020-8337
An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code.
Source: CVE-2020-8337
CVE-2020-8336
Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.
Source: CVE-2020-8336
CVE-2020-8334
The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T495s, X395, T495, A485, A285, A475, A275 which may allow for unauthorized access.
Source: CVE-2020-8334
CVE-2020-8331
A potential vulnerability in the BIOS configuration of some ThinkSystem models due to missing DMA protections that may allow a user with physical access read or write access to system memory.
Source: CVE-2020-8331
CVE-2020-8323
A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution.
Source: CVE-2020-8323
CVE-2020-8322
A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution.
Source: CVE-2020-8322