» 2020 » 6월

CVE-2020-1225

Posted on 2020년 6월 10일2020년 6월 10일 by admin

CVE-2020-1225

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka ‘Microsoft Excel Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-1226.

Source: CVE-2020-1225

CVE-2020-1220

Posted on 2020년 6월 10일2020년 6월 10일 by admin

CVE-2020-1220

A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka ‘Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability’.

Source: CVE-2020-1220

CVE-2020-1232

Posted on 2020년 6월 10일2020년 6월 10일 by admin

CVE-2020-1232

An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka ‘Media Foundation Information Disclosure Vulnerability’.

Source: CVE-2020-1232

CVE-2020-1233

Posted on 2020년 6월 10일2020년 6월 10일 by admin

CVE-2020-1233

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka ‘Windows Runtime Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1231, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306, CVE-2020-1334.

Source: CVE-2020-1233

CVE-2020-1235

Posted on 2020년 6월 10일2020년 6월 10일 by admin

CVE-2020-1235

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka ‘Windows Runtime Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306, CVE-2020-1334.

Source: CVE-2020-1235

CVE-2020-1236

Posted on 2020년 6월 10일2020년 6월 10일 by admin

CVE-2020-1236

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-1208.

Source: CVE-2020-1236

CVE-2020-1237

Posted on 2020년 6월 10일2020년 6월 10일 by admin

CVE-2020-1237

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka ‘Windows Kernel Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0986, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.

Source: CVE-2020-1237

CVE-2020-13911

Posted on 2020년 6월 10일2020년 6월 10일 by admin

CVE-2020-13911

Your Online Shop 1.8.0 allows authenticated users to trigger XSS via a Change Name or Change Surname operation.

Source: CVE-2020-13911

CVE-2020-7456

Posted on 2020년 6월 10일2020년 6월 10일 by admin

CVE-2020-7456

In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-STABLE before r361919, 11.3-RELEASE before p10, and 11.4-RC2 before p1, an invalid memory location may be used for HID items if the push/pop level is not restored within the processing of that HID item allowing an attacker with physical access to a USB port to be able to use a specially crafted USB device to gain kernel or user-space code execution.

Source: CVE-2020-7456

CVE-2020-6265

Posted on 2020년 6월 10일2020년 6월 10일 by admin

CVE-2020-6265

SAP Commerce, versions – 6.7, 1808, 1811, 1905, and SAP Commerce (Data Hub), versions – 6.7, 1808, 1811, 1905, allows an attacker to bypass the authentication and/or authorization that has been configured by the system administrator due to the use of Hardcoded Credentials.

Source: CVE-2020-6265