CVE-2020-3433 – Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability
https://notcve.org/view.php?id=CVE-2020-3433
17 Aug 2020 — A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect ... • https://ssd-disclosure.com/ssd-advisory-cisco-anyconnect-privilege-elevation-through-path-traversal • CWE-427: Uncontrolled Search Path Element •
CVE-2020-8233
https://notcve.org/view.php?id=CVE-2020-8233
17 Aug 2020 — A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges. • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00019.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2020-15145 – Local privilege elevation in Composer-Setup for Windows
https://notcve.org/view.php?id=CVE-2020-15145
14 Aug 2020 — In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios. 1. A local regular user may modify the existing `C:\ProgramData\ComposerSetup\bin\composer.bat` in order to get elevated command execution when composer is run by an administrator. 2. A local regular user may create a specially crafted dll in the `C:\ProgramData\ComposerSetup\bin` folder in order to get Local System privileges. See: http... • https://github.com/composer/windows-setup/commit/ca9f1435d368e3377e82d60ef0c7b795afa9f804 • CWE-276: Incorrect Default Permissions •
CVE-2020-22722
https://notcve.org/view.php?id=CVE-2020-22722
14 Aug 2020 — Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in the ScadaAgentSvc.exe executable file. • https://syhack.wordpress.com/2020/04/21/rapid-scada-local-privilege-escalation-vulnerability • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2019-20383
https://notcve.org/view.php?id=CVE-2019-20383
13 Aug 2020 — ABBYY network license server in ABBYY FineReader 15 before Release 4 (aka 15.0.112.2130) allows escalation of privileges by local users via manipulations involving files and using symbolic links. • https://amonitoring.ru/article/abbyy-lpe • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2020-7360 – Philips SmartControl DLL Hijacking
https://notcve.org/view.php?id=CVE-2020-7360
13 Aug 2020 — An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. • https://blog.vonahi.io/when-the-path-to-system-is-wide-open • CWE-427: Uncontrolled Search Path Element •
CVE-2020-16304 – ghostscript: buffer overflow in image_render_color_thresh() in base/gxicolor.c could result in a DoS
https://notcve.org/view.php?id=CVE-2020-16304
13 Aug 2020 — A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file. • http://git.ghostscript.com/?p=ghostpdl.git%3Ba=commitdiff%3Bh=027c546e0dd11e0526f1780a7f3c2c66acffe209 • CWE-787: Out-of-bounds Write •
CVE-2020-16303 – ghostscript: use-after-free in xps_finish_image_path() in devices/vector/gdevxps.c could result in a privilege escalation
https://notcve.org/view.php?id=CVE-2020-16303
13 Aug 2020 — A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. • https://bugs.ghostscript.com/show_bug.cgi?id=701818 • CWE-416: Use After Free •
CVE-2020-16302 – ghostscript: buffer overflow in jetp3852_print_page() in devices/gdev3852.c could result in a privilege escalation
https://notcve.org/view.php?id=CVE-2020-16302
13 Aug 2020 — A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. • https://bugs.ghostscript.com/show_bug.cgi?id=701815 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVE-2020-1581 – Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1581
13 Aug 2020 — This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Office. ... An attacker can leverage this vulnerability to escalate privileges and execute code in the context of SYSTEM. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1581 •