CVE-2020-5798

inSync Client installer for macOS versions v6.8.0 and prior could allow an attacker to gain privileges of a root user from a lower privileged user due to improper integrity checks and directory permissions.

Publication date: Mon, 07 Dec 2020 19:15:00 +0000

Cyber News related to CVE-2020-5798

CVE-2024-5798 - Vault and Vault Enterprise did not properly validate the JSON Web Token (JWT) role-bound audience claim when using the Vault JWT auth method. This may have resulted in Vault validating a JWT the audience and role-bound claims do not match, allowing ...
5 months ago Tenable.com

CVE-2020-5798 - inSync Client installer for macOS versions v6.8.0 and prior could allow an attacker to gain privileges of a root user from a lower privileged user due to improper integrity checks and directory permissions. ...
3 years ago

CVE-2020-1246 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
3 years ago

CVE-2020-1266 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
3 years ago

CVE-2020-1262 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
3 years ago

CVE-2020-1275 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
3 years ago

CVE-2020-1264 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
3 years ago

CVE-2020-1276 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
3 years ago

CVE-2020-1274 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
3 years ago

CVE-2020-1237 - An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1246, CVE-2020-1262, ...
3 years ago

CVE-2020-1307 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
3 years ago

CVE-2020-1273 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
3 years ago

CVE-2020-1316 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
3 years ago

CVE-2020-1269 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
2 years ago

CVE-2020-0986 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, ...
2 years ago

CVE-2018-5798 - This CVE relates to an unspecified cross site scripting vulnerability in Cloudera Manager. ...
5 years ago

CVE-2012-5798 - The PayPal Pro PayFlow EC module in osCommerce does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof ...
12 years ago

CVE-2013-5798 - Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0.0 and 11.1.2.1.0 allows remote attackers to affect integrity via unknown vectors related to End User Self Service. ...
11 years ago

CVE-2014-5798 - The smart.calculator (aka nh.smart.calculator) application 2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. ...
10 years ago

CVE-2015-5798 - WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability ...
7 years ago

CVE-2016-5798 - An issue was discovered in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0. By sending additional valid packets, an attacker could trigger a stack-based buffer overflow and cause a crash. Also, a malicious ...
7 years ago

CVE-2006-5798 - SQL injection vulnerability in default.asp in Xenis.creator CMS allows remote attackers to execute arbitrary SQL commands via the contid parameter. ...
7 years ago

CVE-2007-5798 - Multiple cross-site scripting (XSS) vulnerabilities in uddigui/navigateTree.do in the UDDI user console in IBM WebSphere Application Server (WAS) before 6.1.0 Fix Pack 13 (6.1.0.13) allow remote attackers to inject arbitrary web script or HTML via ...
7 years ago

CVE-2008-5798 - SQL injection vulnerability in the CMS Poll system (cms_poll) extension before 0.1.1 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. ...
7 years ago

CVE-2017-5798 - A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x). ...
6 years ago

Latest Cyber News

CVE-2024-53094 - 17 hours ago
CVE-2024-52289 - 18 hours ago
CVE-2024-52307 - 18 hours ago
CVE-2024-52309 - 18 hours ago
CVE-2024-52799 - 18 hours ago
CVE-2024-52803 - 18 hours ago
CVE-2024-8525 - 20 hours ago
CVE-2024-8526 - 20 hours ago
CVE-2024-28892 - 21 hours ago
CVE-2024-21855 - 21 hours ago
CVE-2024-28025 - 21 hours ago
CVE-2024-28027 - 21 hours ago
CVE-2024-21786 - 21 hours ago
CVE-2024-11592 - 21 hours ago
CVE-2024-11591 - 21 hours ago
CVE-2024-7130 - 22 hours ago
CVE-2024-11590 - 22 hours ago
CVE-2024-11588 - 23 hours ago
CVE-2024-11587 - 23 hours ago
CVE-2024-10316 - 1 day ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 11 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-11595 - 2 days ago
CVE-2024-45510 - 2 days ago
CVE-2024-45511 - 2 days ago
CVE-2024-48530 - 2 days ago
CVE-2024-48531 - 2 days ago
CVE-2024-48983 - 2 days ago
CVE-2024-48984 - 2 days ago
CVE-2024-51151 - 2 days ago
CVE-2024-51208 - 2 days ago
CVE-2024-52754 - 2 days ago
CVE-2024-52755 - 2 days ago
CVE-2024-52765 - 2 days ago
CVE-2024-52797 - 2 days ago
CVE-2024-8726 - 2 days ago
CVE-2024-10365 - 2 days ago
CVE-2024-52443 - 2 days ago
CVE-2024-52449 - 2 days ago
CVE-2024-10520 - 1 day ago
CVE-2024-11406 - 1 day ago
CVE-2024-10913 - 1 day ago