» 2020 » 6월

CVE-2020-9589

Posted on 2020년 6월 27일2020년 6월 27일 by admin

CVE-2020-9589

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

Source: CVE-2020-9589

CVE-2020-9622

Posted on 2020년 6월 27일2020년 6월 27일 by admin

CVE-2020-9622

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Source: CVE-2020-9622

CVE-2020-9621

Posted on 2020년 6월 27일2020년 6월 27일 by admin

CVE-2020-9621

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

Source: CVE-2020-9621

CVE-2020-9629

Posted on 2020년 6월 27일2020년 6월 27일 by admin

CVE-2020-9629

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Source: CVE-2020-9629

CVE-2020-9626

Posted on 2020년 6월 27일2020년 6월 27일 by admin

CVE-2020-9626

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Source: CVE-2020-9626

CVE-2020-9586

Posted on 2020년 6월 27일2020년 6월 27일 by admin

CVE-2020-9586

Adobe Character Animator versions 3.2 and earlier have a buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

Source: CVE-2020-9586

CVE-2013-7489

Posted on 2020년 6월 27일2020년 6월 27일 by admin

CVE-2013-7489

The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.

Source: CVE-2013-7489

CVE-2020-15351

Posted on 2020년 6월 27일2020년 6월 27일 by admin

CVE-2020-15351

IDrive before 6.7.3.19 on Windows installs by default to %PROGRAMFILES(X86)%IDriveWindows with weak folder permissions granting any user modify permission (i.e., NT AUTHORITYAuthenticated Users:(OI)(CI)(M)) to the contents of the directory and its sub-folders. In addition, the program installs a service called IDriveService that runs as LocalSystem. Thus, any standard user can escalate privileges to NT AUTHORITYSYSTEM by substituting the service’s binary with a malicious one.

Source: CVE-2020-15351

CVE-2020-9047

Posted on 2020년 6월 27일2020년 6월 27일 by admin

CVE-2020-9047

A vulnerability exists that could allow the execution of unauthorized code or operating system commands on systems running exacqVision Web Service versions 20.03.2.0 and prior and exacqVision Enterprise Manager versions 20.03.3.0 and prior. An attacker with administrative privileges could potentially download and run a malicious executable that could allow OS command injection on the system.

Source: CVE-2020-9047

CVE-2020-14955

Posted on 2020년 6월 27일2020년 6월 27일 by admin

CVE-2020-14955

In Jiangmin Antivirus 16.0.13.129, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220440.

Source: CVE-2020-14955