Total
2352 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-7287 | 2 Linux, Mcafee | 2 Linux Kernel, Endpoint Detection And Response | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Linux prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to. | |||||
| CVE-2020-7286 | 2 Mcafee, Microsoft | 2 Endpoint Detection And Response, Windows | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Windows prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to. | |||||
| CVE-2020-7285 | 1 Mcafee | 1 Mvision Endpoint | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.5.0.94 allows a malicious script or program to perform functions that the local executing user has not been granted access to. | |||||
| CVE-2020-7283 | 1 Mcafee | 1 Total Protection | 2024-11-21 | 4.6 MEDIUM | 7.5 HIGH |
| Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2020-7281 | 1 Mcafee | 1 Total Protection | 2024-11-21 | 1.9 LOW | 7.5 HIGH |
| Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2020-7280 | 1 Mcafee | 1 Virusscan Enterprise | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent. | |||||
| CVE-2020-7274 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 4.6 MEDIUM | 6.6 MEDIUM |
| Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges). | |||||
| CVE-2020-7273 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 2.1 LOW | 6.7 MEDIUM |
| Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters. | |||||
| CVE-2020-7267 | 1 Mcafee | 1 Virusscan Enterprise | 2024-11-21 | 3.6 LOW | 8.8 HIGH |
| Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2020-7266 | 1 Mcafee | 1 Virusscan Enterprise | 2024-11-21 | 3.6 LOW | 8.8 HIGH |
| Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2020-7265 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 3.6 LOW | 8.8 HIGH |
| Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2020-7264 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 3.6 LOW | 8.8 HIGH |
| Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2020-7259 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 4.6 MEDIUM | 6.6 MEDIUM |
| Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file | |||||
| CVE-2020-7257 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 3.3 LOW | 8.4 HIGH |
| Privilege escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links whilst an anti-virus scan was in progress. This is timing dependent. | |||||
| CVE-2020-7255 | 1 Mcafee | 1 Endpoint Security | 2024-11-21 | 3.6 LOW | 3.9 LOW |
| Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. Administrators can lock the ENS client interface through ePO to prevent users being able to edit the configuration. | |||||
| CVE-2020-7254 | 1 Mcafee | 1 Advanced Threat Defense | 2024-11-21 | 4.6 MEDIUM | 7.7 HIGH |
| Privilege Escalation vulnerability in the command line interface in McAfee Advanced Threat Defense (ATD) 4.x prior to 4.8.2 allows local users to execute arbitrary code via improper access controls on the sudo command. | |||||
| CVE-2020-7125 | 1 Arubanetworks | 1 Airwave Glass | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A remote escalation of privilege vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | |||||
| CVE-2020-7047 | 1 Webfactoryltd | 1 Wp Database Reset | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The WordPress plugin, WP Database Reset through 3.1, contains a flaw that gave any authenticated user, with minimal permissions, the ability (with a simple wp-admin/admin.php?db-reset-tables[]=users request) to escalate their privileges to administrator while dropping all other users from the table. | |||||
| CVE-2020-7020 | 1 Elastic | 1 Elasticsearch | 2024-11-21 | 3.5 LOW | 3.1 LOW |
| Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documents the attacker should not be able to view. This could result in an attacker gaining additional insight into potentially sensitive indices. | |||||
| CVE-2020-7019 | 1 Elastic | 1 Elasticsearch | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should be hidden. This could result in an attacker gaining additional permissions against a restricted index. | |||||