| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
651 |
CVE-2020-8912 |
327 |
|
|
2020-08-11 |
2020-08-17 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files. |
|
652 |
CVE-2020-8911 |
327 |
|
|
2020-08-11 |
2020-08-18 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target's S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC's ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files. |
|
653 |
CVE-2020-8905 |
120 |
|
|
2020-08-12 |
2020-08-13 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'enc_untrusted_recvfrom' function generates a return value which is deserialized by 'MessageReader', and copied into three different 'extents'. The length of the third 'extents' is controlled by the outside world, and not verified on copy, allowing the attacker to force Asylo to copy trusted memory data into an untrusted buffer of significantly small length.. We recommend updating Asylo to version 0.6.0 or later. |
|
654 |
CVE-2020-8904 |
119 |
|
Overflow |
2020-08-12 |
2020-08-13 |
5.5 |
None |
Remote |
Low |
??? |
None |
Partial |
Partial |
|
An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0. As the ecall_restore function fails to validate the range of the output_len pointer, an attacker can manipulate the tmp_output_len value and write to an arbitrary location in the trusted (enclave) memory. We recommend updating Asylo to version 0.6.0 or later. |
|
655 |
CVE-2020-8870 |
125 |
|
Exec Code |
2020-08-20 |
2020-08-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.916. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TIF files from the GetTIFPalette method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9931. |
|
656 |
CVE-2020-8869 |
121 |
|
Exec Code |
2020-08-20 |
2020-08-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.916. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TIF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9881. |
|
657 |
CVE-2020-8763 |
276 |
|
|
2020-08-13 |
2020-08-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
658 |
CVE-2020-8759 |
|
|
|
2020-08-13 |
2020-08-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper access control in the installer for Intel(R) SSD DCT versions before 3.0.23 may allow a privileged user to potentially enable escalation of privilege via local access. |
|
659 |
CVE-2020-8743 |
276 |
|
|
2020-08-13 |
2020-08-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper permissions in the installer for the Intel(R) Mailbox Interface driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
660 |
CVE-2020-8742 |
20 |
|
|
2020-08-13 |
2020-08-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper input validation in the firmware for Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. |
|
661 |
CVE-2020-8736 |
269 |
|
|
2020-08-13 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
662 |
CVE-2020-8733 |
119 |
|
Overflow |
2020-08-13 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper buffer restrictions in the firmware for Intel(R) Server Board M10JNP2SB before version 7.210 may allow a privileged user to potentially enable escalation of privilege via local access. |
|
663 |
CVE-2020-8732 |
787 |
|
Overflow |
2020-08-13 |
2020-08-17 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. |
|
664 |
CVE-2020-8731 |
732 |
|
|
2020-08-13 |
2020-08-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Incorrect execution-assigned permissions in the file system for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
665 |
CVE-2020-8730 |
787 |
|
Overflow |
2020-08-13 |
2020-08-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based overflow for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
666 |
CVE-2020-8729 |
120 |
|
|
2020-08-13 |
2020-08-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
667 |
CVE-2020-8723 |
79 |
|
XSS |
2020-08-13 |
2020-08-17 |
5.4 |
None |
Local Network |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. |
|
668 |
CVE-2020-8722 |
120 |
|
Overflow |
2020-08-13 |
2020-08-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access. |
|
669 |
CVE-2020-8721 |
20 |
|
|
2020-08-13 |
2020-08-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper input validation for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access. |
|
670 |
CVE-2020-8720 |
120 |
|
DoS Overflow |
2020-08-13 |
2020-08-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable denial of service via local access. |
|
671 |
CVE-2020-8719 |
120 |
|
Overflow |
2020-08-13 |
2020-08-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access. |
|
672 |
CVE-2020-8718 |
120 |
|
Overflow |
2020-08-13 |
2020-08-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
673 |
CVE-2020-8717 |
20 |
|
DoS |
2020-08-13 |
2020-08-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Improper input validation in a subsystem for some Intel Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service via local access. |
|
674 |
CVE-2020-8716 |
|
|
DoS |
2020-08-13 |
2020-08-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Improper access control for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service via local access. |
|
675 |
CVE-2020-8715 |
763 |
|
DoS |
2020-08-13 |
2020-08-19 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Invalid pointer for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable denial of service via local access. |
|
676 |
CVE-2020-8714 |
287 |
|
|
2020-08-13 |
2020-08-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
677 |
CVE-2020-8713 |
287 |
|
|
2020-08-13 |
2020-08-19 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. |
|
678 |
CVE-2020-8712 |
120 |
|
Overflow |
2020-08-13 |
2020-08-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in a verification process for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
679 |
CVE-2020-8711 |
|
|
|
2020-08-13 |
2020-08-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper access control in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via local access. |
|
680 |
CVE-2020-8710 |
120 |
|
Overflow |
2020-08-13 |
2020-08-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via local access. |
|
681 |
CVE-2020-8709 |
287 |
|
|
2020-08-13 |
2020-08-19 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper authentication in socket services for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. |
|
682 |
CVE-2020-8708 |
287 |
|
|
2020-08-13 |
2020-08-19 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. |
|
683 |
CVE-2020-8707 |
120 |
|
Overflow |
2020-08-13 |
2020-08-19 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. |
|
684 |
CVE-2020-8706 |
120 |
|
Overflow |
2020-08-13 |
2020-08-18 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in a daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. |
|
685 |
CVE-2020-8689 |
119 |
|
DoS Overflow |
2020-08-13 |
2021-07-21 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
Improper buffer restrictions in the Intel(R) Wireless for Open Source before version 1.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access. |
|
686 |
CVE-2020-8688 |
20 |
|
DoS |
2020-08-13 |
2020-08-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Improper input validation in the Intel(R) RAID Web Console 3 for Windows* may allow an unauthenticated user to potentially enable denial of service via network access. |
|
687 |
CVE-2020-8687 |
427 |
|
|
2020-08-13 |
2020-08-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
688 |
CVE-2020-8685 |
287 |
|
DoS |
2020-08-13 |
2020-08-19 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Improper authentication in subsystem for Intel (R) LED Manager for NUC before version 1.2.3 may allow privileged user to potentially enable denial of service via local access. |
|
689 |
CVE-2020-8684 |
269 |
|
|
2020-08-13 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper access control in firmware for Intel(R) PAC with Arria(R) 10 GX FPGA before Intel Acceleration Stack version 1.2.1 may allow a privileged user to potentially enable escalation of privilege via local access. |
|
690 |
CVE-2020-8683 |
119 |
|
DoS Overflow |
2020-08-13 |
2021-07-21 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Improper buffer restrictions in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. |
|
691 |
CVE-2020-8682 |
125 |
|
DoS |
2020-08-13 |
2020-08-19 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Out of bounds read in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. |
|
692 |
CVE-2020-8681 |
787 |
|
|
2020-08-13 |
2020-08-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Out of bounds write in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
693 |
CVE-2020-8680 |
362 |
|
|
2020-08-13 |
2020-08-19 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Race condition in some Intel(R) Graphics Drivers before version 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
694 |
CVE-2020-8679 |
787 |
|
DoS |
2020-08-13 |
2020-08-19 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access. |
|
695 |
CVE-2020-8624 |
269 |
|
|
2020-08-21 |
2020-10-20 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone. |
|
696 |
CVE-2020-8623 |
617 |
|
|
2020-08-21 |
2022-04-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with "--enable-native-pkcs11" * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker |
|
697 |
CVE-2020-8622 |
617 |
|
|
2020-08-21 |
2021-12-02 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. |
|
698 |
CVE-2020-8621 |
617 |
|
|
2020-08-21 |
2022-04-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and 'forward first' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that 'forward only' are not affected. |
|
699 |
CVE-2020-8620 |
617 |
|
|
2020-08-21 |
2022-06-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit. |
|
700 |
CVE-2020-8607 |
20 |
|
Exec Code |
2020-08-05 |
2020-08-11 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability. |
