An information disclosure vulnerability exists when the Windows Agent Activation Runtime (AarSvc) fails to properly handle objects in memory, aka ‘Windows Agent Activation Runtime Information Disclosure Vulnerability’. Date published : 2020-07-14 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1391
An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka ‘Windows Network Connections Service Elevation of Privilege Vulnerability’. This CVE ID is unique from...
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka ‘Windows Kernel Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2020-1367, CVE-2020-1419, CVE-2020-1426. Date published :...
An elevation of privilege vulnerability exists in the way that the psmsrv.dll handles objects in memory, aka ‘Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1392, CVE-2020-1394, CVE-2020-1395. Date published :...
An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka ‘Windows Push Notification Service Elevation of Privilege Vulnerability’. Date published : 2020-07-14 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1387
An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information, aka ‘Connected User Experiences and Telemetry Service Information Disclosure Vulnerability’. Date published : 2020-07-14 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1386
An elevation of privilege vulnerability exists in the way that the Windows Credential Picker handles objects in memory, aka ‘Windows Credential Picker Elevation of Privilege Vulnerability’. Date published : 2020-07-14 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1385
Sylabs Singularity 3.0 through 3.5 lacks support for an Integrity Check. Singularity’s sign and verify commands do not sign metadata found in the global header or data object descriptors of a SIF file. Date...
Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code. Date published : 2020-07-14 https://github.com/hpcng/singularity/security/advisories/GHSA-6w7g-p4jh-rf92 https://medium.com/sylabs
Sylabs Singularity 3.0 through 3.5 has Improper Validation of an Integrity Check Value. Image integrity is not validated when an ECL policy is enforced. The fingerprint required by the ECL is compared against the...
An elevation of privilege vulnerability exists when the Windows Cryptography Next Generation (CNG) Key Isolation service improperly handles memory, aka ‘Windows CNG Key Isolation Service Elevation of Privilege Vulnerability’. This CVE ID is unique...
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka ‘Windows Graphics Component Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1381. Date published :...
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka ‘Windows Graphics Component Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1382. Date published :...
The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-desktop-portal, which allows access outside...