firefox

CVE-2020-0569: INTEL-SA-00338

Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.

4 years ago

CVE

Open in Source

#vulnerability #web #windows #dos #intel #auth #chrome #firefox #wifi

CVE-2020-12352: INTEL-SA-00435

Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.

4 years ago

CVE

Open in Source

#vulnerability #web #linux #intel #auth #chrome #firefox

CVE-2020-28136: OffSec’s Exploit Database Archive

An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page.

4 years ago

CVE

Open in Source

#web #windows #php #rce #auth #firefox

CVE-2020-28648: Nagios XI Change Log - Nagios

Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code.

CVE-2020-0590: INTEL-SA-00358

Improper input validation in BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.

4 years ago

CVE

Open in Source

#vulnerability #web #ios #dos #intel #bios #auth #chrome #firefox

CVE-2020-8738: INTEL-SA-00390

Improper conditions check in Intel BIOS platform sample code for some Intel(R) Processors before may allow a privileged user to potentially enable escalation of privilege via local access.

4 years ago

CVE

Open in Source

#vulnerability #web #ios #intel #bios #auth #chrome #firefox

CVE-2020-8745: INTEL-SA-00391

Insufficient control flow management in subsystem for Intel(R) CSME versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 13.0.40, 13.30.10, 14.0.45 and 14.5.25 , Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

4 years ago

CVE

Open in Source

#vulnerability #web #windows #dos #intel #auth #rpm #chrome #firefox

CVE-2020-25201: consul/CHANGELOG.md at main · hashicorp/consul

HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. Fixed in 1.7.9 and 1.8.5.

CVE-2020-28041: GitHub - samyk/slipstream: NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim’s NAT/firewall, just by anyone on the victim's n

The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.64_10.2.64 devices allows remote attackers to communicate with arbitrary TCP and UDP services on a victim's intranet machine, if the victim visits an attacker-controlled web site with a modern browser, aka NAT Slipstreaming. This occurs because the ALG takes action based on an IP packet with an initial REGISTER substring in the TCP data, and the correct intranet IP address in the subsequent Via header, without properly considering that connection progress and fragmentation affect the meaning of the packet data.

4 years ago

CVE

Open in Source

#web #mac #apple #google #linux #js #git #java #intel #perl #samba #auth #ssh #chrome #webkit #firefox #ssl

CVE-2020-24303: grafana/CHANGELOG.md at main · grafana/grafana

Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.

Tag

#firefox