| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A client-side enforcement of server-side security in Fortinet FortiPortal version 6.0.0 through 6.0.14 allows attacker to improper access control via crafted HTTP requests. |
| An authorization bypass through user-controlled key vulnerability [CWE-639] in Fortinet FortiPortal version 7.0.0 through 7.0.3 allows an authenticated attacker to interact with ressources of other organizations via HTTP or HTTPS requests. |
| Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability |
| Internet Connection Sharing (ICS) Denial of Service Vulnerability |
| Internet Connection Sharing (ICS) Remote Code Execution Vulnerability |
| Windows Remote Desktop Security Feature Bypass Vulnerability |
| DHCP Server Service Information Disclosure Vulnerability |
| Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability |
| Windows Media Remote Code Execution Vulnerability |
| Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability |
| Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability |
| Windows Bluetooth Driver Elevation of Privilege Vulnerability |
| Microsoft Office Information Disclosure Vulnerability |
| HTTP.sys Information Disclosure Vulnerability |
| Event Tracing for Windows Information Disclosure Vulnerability |
| Microsoft Office Visio Remote Code Execution Vulnerability |
| Windows Mark of the Web Security Feature Bypass Vulnerability |
|
Dell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerability, leading to unauthorized admin access to the Cyber Recovery application. Exploitation may lead to complete system takeover by an attacker.
|
| An information disclosure vulnerability in the faye endpoint in Proofpoint Threat Response / Threat Response Auto-Pull (PTR/TRAP) could be used by an attacker on an adjacent network to obtain credentials to integrated services via a man-in-the-middle position or cryptanalysis of the session traffic. An attacker could use these credentials to impersonate PTR/TRAP to these services. All versions prior to 5.10.0 are affected.
|
| NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in ipfilter, where improper ipfilter definitions could enable an attacker to cause a failure by attacking the switch. A successful exploit of this vulnerability might lead to denial of service. |