Total
2612 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-9669 | 2 Adobe, Microsoft | 2 Creative Cloud, Windows | 2026-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2020-9225 | 1 Huawei | 1 Fusionsphere Openstack | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its privilege. | |||||
| CVE-2020-9222 | 1 Huawei | 1 Fusioncompute | 2026-06-17 | N/A | 7.0 HIGH |
| There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient verification on specific files that need to be deserialized, local attackers can exploit this vulnerability to elevate permissions. (Vulnerability ID: HWPSIRT-2020-05241) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9222. | |||||
| CVE-2020-9141 | 1 Huawei | 2 Emui, Magic Ui | 2026-06-17 | 6.4 MEDIUM | 9.1 CRITICAL |
| There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity. | |||||
| CVE-2020-9114 | 1 Huawei | 1 Fusioncompute | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Due to improper privilege management, an attacker with common privilege may access some specific files and get the administrator privilege in the affected products. Successful exploit will cause privilege escalation. | |||||
| CVE-2020-9112 | 1 Huawei | 2 Taurus-an00b, Taurus-an00b Firmware | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a privilege elevation vulnerability. Due to lack of privilege restrictions on some of the business functions of the device. An attacker could exploit this vulnerability to access the protecting information, resulting in the elevation of the privilege. | |||||
| CVE-2020-9080 | 1 Huawei | 6 Mate 20 Pro, Mate 20 Pro \(ud\), Mate 20 Pro \(ud\) Firmware and 3 more | 2026-06-17 | N/A | 7.8 HIGH |
| There is an improper privilege management vulnerability in Huawei smart phone product. A local, authenticated attacker could craft a specific input to exploit this vulnerability. Successful exploitation may lead to local privilege escalation. (Vulnerability ID: HWPSIRT-2020-05272) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2020-9080. | |||||
| CVE-2020-9046 | 1 Johnsoncontrols | 1 Kantech Entrapass | 2026-06-17 | 7.2 HIGH | 8.8 HIGH |
| A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files. | |||||
| CVE-2020-8873 | 1 Parallels | 1 Parallels Desktop | 2026-06-17 | 4.6 MEDIUM | 6.7 MEDIUM |
| This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-10031. | |||||
| CVE-2020-8655 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2026-06-17 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7. | |||||
| CVE-2020-8624 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2026-06-17 | 4.0 MEDIUM | 4.3 MEDIUM |
| In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone. | |||||
| CVE-2020-8474 | 1 Abb | 1 800xa Base System | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction. | |||||
| CVE-2020-8351 | 1 Lenovo | 1 Pcmanager | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with elevated privileges. | |||||
| CVE-2020-8327 | 1 Lenovo | 1 Vantage | 2026-06-17 | 7.2 HIGH | 7.3 HIGH |
| A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges. | |||||
| CVE-2020-8320 | 1 Lenovo | 200 Thinkpad 11e, Thinkpad 11e Firmware, Thinkpad 11e Yoga Gen 6 and 197 more | 2026-06-17 | 4.6 MEDIUM | 6.4 MEDIUM |
| An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege. | |||||
| CVE-2020-8290 | 1 Backblaze | 1 Backblaze | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer from improper privilege management in `bztransmit` helper due to lack of permission handling and validation before creation of client update directories allowing for local escalation of privilege via rogue client update binary. | |||||
| CVE-2020-8283 | 1 Citrix | 3 Virtual Apps And Desktops, Xenapp, Xendesktop | 2026-06-17 | 9.0 HIGH | 8.8 HIGH |
| An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9. | |||||
| CVE-2020-8275 | 1 Citrix | 1 Secure Mail | 2026-06-17 | 4.3 MEDIUM | 4.3 MEDIUM |
| Citrix Secure Mail for Android before 20.11.0 suffers from improper access control allowing unauthenticated access to read limited calendar related data stored within Secure Mail. Note that a malicious app would need to be installed on the Android device or a threat actor would need to execute arbitrary code on the Android device. | |||||
| CVE-2020-8269 | 1 Citrix | 3 Virtual Apps And Desktops, Xenapp, Xendesktop | 2026-06-17 | 9.0 HIGH | 8.8 HIGH |
| An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9 | |||||
| CVE-2020-8258 | 1 Citrix | 1 Gateway Plug-in | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, allows an attacker to modify arbitrary files. | |||||