Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In November 2020
CVE-2020-26804
In Sentrifugo 3.2, users can share an announcement under "Organization -> Announcements" tab. Also, in this page, users can upload attachments with the shared announcements. This "Upload Attachment" functionality is suffered from "Unrestricted File Upload" vulnerability so attacker can upload malicious files using this functionality and control the server.
CVSS Score
8.8
EPSS Score
0.004
Published
2020-11-12
CVE-2020-12323
Improper input validation in the Intel(R) ADAS IE before version ADAS_IE_1.0.766 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Score
6.7
EPSS Score
0.001
Published
2020-11-12
CVE-2020-12324
Protection mechanism failure in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-11-12
CVE-2020-12325
Improper buffer restrictions in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-11-12
CVE-2020-12326
Improper initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow an authenticated user to potentially enable information disclosure via local access.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-11-12
CVE-2020-12327
Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local access.
CVSS Score
4.4
EPSS Score
0.001
Published
2020-11-12
CVE-2020-12328
Protection mechanism failure in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local access.
CVSS Score
4.4
EPSS Score
0.001
Published
2020-11-12
CVE-2020-12329
Uncontrolled search path in the Intel(R) VTune(TM) Profiler before version 2020 Update 1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-11-12
CVE-2020-12330
Improper permissions in the installer for the Intel(R) Falcon 8+ UAS AscTec Thermal Viewer, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-11-12
CVE-2020-12331
Improper access controls in Intel Unite(R) Cloud Service client before version 4.2.12212 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-11-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved