Common Vulnerabilities and Exposures is a rundown of sections-each containing a recognizable proof number, a portrayal, and no less than one open reference-for freely known cybersecurity vulnerabilities. CVE Entries are utilized in various cybersecurity items and administrations from around the globe.

CVE-2020-9442: OpenVPN vulnerability

April 8, 2020 0

OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there. References github.com/hessandrew/CVE-2020-9442

CVE-2020-8818: Magento plugin vulnerability

April 8, 2020 0

An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. Lack of origin authentication in the IPN callback processing function in Controller/Payment/Callback.php allows an attacker to remotely replace critical plugin settings Read more

CVE-2020-5856: Amazon vulnerability

April 8, 2020 0

On BIG-IP 15.0.0-15.0.1.1 and 14.1.0-14.1.2.2, while processing specifically crafted traffic using the default ‘xnet’ driver, Virtual Edition instances hosted in Amazon Web Services (AWS) may experience a TMM restart. References support.f5.com/csp/article/K00025388

CVE-2020-3758: Magento vulnerability

April 8, 2020 0

Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. References helpx.adobe.com/security/products/magento/apsb20-02.html

CVE-2020-5180: OpenVPN vulnerability

April 8, 2020 0

Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to set a subset of OpenVPN parameters, which can be used to load a malicious library into the memory of the OpenVPN process, leading to Read more

1 55 56 57 58 59 71