| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
|
IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096.
|
| A link following vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges by creating a symbolic link and abusing the service to delete a file.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
| A vulnerability, which was classified as problematic, was found in ShadeYouVPN.com Client 2.0.1.11. Affected is an unknown function. The manipulation leads to improper privilege management. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1.12 is able to address this issue. It is recommended to upgrade the affected component. |
| A vulnerability was found in Viscosity 1.6.7. It has been classified as critical. This affects an unknown part of the component DLL Handler. The manipulation leads to untrusted search path. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.6.8 is able to address this issue. It is recommended to upgrade the affected component. |
| A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability |
| Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability |
| Microsoft Edge (Chromium-based) Information Disclosure Vulnerability |
| Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
| Windows MSHTML Platform Remote Code Execution Vulnerability |
| Microsoft Office Graphics Elevation of Privilege Vulnerability |
| Microsoft Common Data Model SDK Denial of Service Vulnerability |
| Win32k Elevation of Privilege Vulnerability |
| Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability |
| Win32k Elevation of Privilege Vulnerability |
| Microsoft Exchange Server Remote Code Execution Vulnerability |
| Skype for Business Remote Code Execution Vulnerability |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| Windows Graphics Component Elevation of Privilege Vulnerability |
