|
CVE-2020-3403
|
Cisco IOS XE Software
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-3403
|
Cisco IOS XE Software
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-3403
|
Cisco IOS XE Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2020-3292
|
Cisco Small Business RV Series Router Firmware
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-3292
|
Cisco Small Business RV Series Router Firmware
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-3292
|
Cisco Small Business RV Series Router Firmware
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3292
|
Cisco Small Business RV Series Router Firmware
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2020-3253
|
Cisco Firepower Threat Defense Software
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-3253
|
Cisco Firepower Threat Defense Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2020-3233
|
Cisco IOx
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-3233
|
Cisco IOx
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-3233
|
Cisco IOx
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-3460
|
Cisco Data Center Network Manager
| primary_impact |
T1565.002
|
Transmitted Data Manipulation
|
|
CVE-2020-3460
|
Cisco Data Center Network Manager
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-3137
|
Cisco Email Security Appliance (ESA)
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-3137
|
Cisco Email Security Appliance (ESA)
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-3137
|
Cisco Email Security Appliance (ESA)
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-3312
|
Cisco Firepower Threat Defense Software
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-3312
|
Cisco Firepower Threat Defense Software
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3379
|
Cisco SD-WAN Solution
| primary_impact |
T1608
|
Stage Capabilities
|
|
CVE-2020-3379
|
Cisco SD-WAN Solution
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2020-3477
|
Cisco IOS
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-3477
|
Cisco IOS
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2020-3216
|
Cisco IOS XE SD-WAN Software
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-3216
|
Cisco IOS XE SD-WAN Software
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-3306
|
Cisco Adaptive Security Appliance (ASA) Software
| primary_impact |
T1499
|
Endpoint Denial of Service
|
|
CVE-2020-3306
|
Cisco Adaptive Security Appliance (ASA) Software
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3375
|
Cisco SD-WAN vManage
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-3375
|
Cisco SD-WAN vManage
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3476
|
Cisco IOS XE Software
| primary_impact |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2020-3476
|
Cisco IOS XE Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2020-3134
|
Cisco Email Security Appliance (ESA)
| primary_impact |
T1489
|
Service Stop
|
|
CVE-2020-3120
|
Cisco IOS XR Software
| primary_impact |
T1499
|
Endpoint Denial of Service
|
|
CVE-2020-3133
|
Cisco Email Security Appliance (ESA)
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3133
|
Cisco Email Security Appliance (ESA)
| exploitation_technique |
T1566.001
|
Spearphishing Attachment
|
|
CVE-2020-3387
|
Cisco SD-WAN vManage
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-3387
|
Cisco SD-WAN vManage
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3387
|
Cisco SD-WAN vManage
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-3440
|
Cisco Webex Meetings
| primary_impact |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2020-3440
|
Cisco Webex Meetings
| exploitation_technique |
T1566
|
Phishing
|
|
CVE-2020-3440
|
Cisco Webex Meetings
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2020-3121
|
Cisco 550X Series Stackable Managed Switches
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-3121
|
Cisco 550X Series Stackable Managed Switches
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-3121
|
Cisco 550X Series Stackable Managed Switches
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-3407
|
Cisco IOS XE Software
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-3407
|
Cisco IOS XE Software
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3237
|
Cisco IOx
| primary_impact |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2020-3237
|
Cisco IOx
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-3416
|
Cisco IOS XE Software
| primary_impact |
T1542.004
|
ROMMONkit
|
|
CVE-2020-3416
|
Cisco IOS XE Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2020-3126
|
Cisco Webex Meetings Multimedia Viewer
| primary_impact |
T1080
|
Taint Shared Content
|
|
CVE-2020-3126
|
Cisco Webex Meetings Multimedia Viewer
| primary_impact |
T1204.002
|
Malicious File
|
|
CVE-2020-3126
|
Cisco Webex Meetings Multimedia Viewer
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3356
|
Cisco Data Center Network Manager
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-3356
|
Cisco Data Center Network Manager
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-3356
|
Cisco Data Center Network Manager
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-3397
|
Cisco NX-OS Software
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-3397
|
Cisco NX-OS Software
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3322
|
Cisco Webex Network Recording Player
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-3322
|
Cisco Webex Network Recording Player
| exploitation_technique |
T1566
|
Phishing
|
|
CVE-2020-3322
|
Cisco Webex Network Recording Player
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2020-3198
|
Cisco IOS 12.2(60)EZ16
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-3198
|
Cisco IOS 12.2(60)EZ16
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-3198
|
Cisco IOS 12.2(60)EZ16
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2020-3198
|
Cisco IOS 12.2(60)EZ16
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3198
|
Cisco IOS 12.2(60)EZ16
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-3198
|
Cisco IOS 12.2(60)EZ16
| exploitation_technique |
T1566
|
Phishing
|
|
CVE-2020-3198
|
Cisco IOS 12.2(60)EZ16
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2020-3198
|
Cisco IOS 12.2(60)EZ16
| exploitation_technique |
T1091
|
Replication Through Removable Media
|
|
CVE-2020-3309
|
Cisco Firepower Threat Defense Software
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-3309
|
Cisco Firepower Threat Defense Software
| secondary_impact |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2020-3309
|
Cisco Firepower Threat Defense Software
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3309
|
Cisco Firepower Threat Defense Software
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-3177
|
Cisco Unified Communications Manager
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-3177
|
Cisco Unified Communications Manager
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3510
|
Cisco IOS XE Software
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-3510
|
Cisco IOS XE Software
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3513
|
Cisco IOS XE Software
| primary_impact |
T1542.004
|
ROMMONkit
|
|
CVE-2020-3513
|
Cisco IOS XE Software
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2020-3409
|
Cisco IOS
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-3409
|
Cisco IOS
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3349
|
Cisco Data Center Network Manager
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-3349
|
Cisco Data Center Network Manager
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-3349
|
Cisco Data Center Network Manager
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-3244
|
Cisco ASR 5000 Series Software
| primary_impact |
T1211
|
Exploitation for Defense Evasion
|
|
CVE-2020-3244
|
Cisco ASR 5000 Series Software
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-3240
|
Cisco UCS Director
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-3240
|
Cisco UCS Director
| primary_impact |
T1505.003
|
Web Shell
|
|
CVE-2020-3240
|
Cisco UCS Director
| secondary_impact |
T1003.008
|
/etc/passwd and /etc/shadow
|
|
CVE-2020-3240
|
Cisco UCS Director
| secondary_impact |
T1552.001
|
Credentials In Files
|
|
CVE-2020-3240
|
Cisco UCS Director
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-3240
|
Cisco UCS Director
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-5364
|
Isilon OneFS
| primary_impact |
T1078.001
|
Default Accounts
|
|
CVE-2020-5364
|
Isilon OneFS
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-5374
|
OMIMSSC (OpenManage Integration for Microsoft System Center)
| primary_impact |
T1078.001
|
Default Accounts
|
|
CVE-2020-5345
|
Unisphere for PowerMax
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-5345
|
Unisphere for PowerMax
| exploitation_technique |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2020-5336
|
RSA Archer
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-5336
|
RSA Archer
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-5336
|
RSA Archer
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-5365
|
Isilon OneFS
| primary_impact |
T1078.001
|
Default Accounts
|
|
CVE-2020-5365
|
Isilon OneFS
| exploitation_technique |
T1110
|
Brute Force
|
|
CVE-2020-5326
|
Dell Client Consumer and Commercial Platforms
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-5326
|
Dell Client Consumer and Commercial Platforms
| secondary_impact |
T1542.001
|
System Firmware
|
|
CVE-2020-5339
|
RSA Authentication Manager
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-5339
|
RSA Authentication Manager
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-5339
|
RSA Authentication Manager
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2020-5386
|
Elastic Cloud Storage
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-5340
|
RSA Authentication Manager
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-5340
|
RSA Authentication Manager
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-5340
|
RSA Authentication Manager
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2020-5358
|
Dell Encryption Enterprise
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-5371
|
Isilon OneFS
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-5371
|
Isilon OneFS
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-5378
|
CPG BIOS
| primary_impact |
T1542.001
|
System Firmware
|
|
CVE-2020-5376
|
CPG BIOS
| primary_impact |
T1542.001
|
System Firmware
|
|
CVE-2020-5331
|
RSA Archer
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-5362
|
Dell Client Consumer and Commercial platforms
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-5362
|
Dell Client Consumer and Commercial platforms
| secondary_impact |
T1098
|
Account Manipulation
|
|
CVE-2020-5379
|
CPG BIOS
| primary_impact |
T1542.001
|
System Firmware
|
|
CVE-2020-5369
|
Isilon OneFS
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-5366
|
Integrated Dell Remote Access Controller (iDRAC)
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-5366
|
Integrated Dell Remote Access Controller (iDRAC)
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-5373
|
OMIMSSC (OpenManage Integration for Microsoft System Center)
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-5373
|
OMIMSSC (OpenManage Integration for Microsoft System Center)
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-5328
|
Isilon OneFS
| secondary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-5350
|
Integrated Data Protection Appliance
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-5350
|
Integrated Data Protection Appliance
| secondary_impact |
T1098
|
Account Manipulation
|
|
CVE-2020-5332
|
RSA Archer
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-15105
|
django-two-factor-auth
| primary_impact |
T1552
|
Unsecured Credentials
|
|
CVE-2020-15105
|
django-two-factor-auth
| secondary_impact |
T1078
|
Valid Accounts
|
|
CVE-2020-15188
|
soycms
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-15188
|
soycms
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-5250
|
PrestaShop
| primary_impact |
T1036
|
Masquerading
|
|
CVE-2020-5250
|
PrestaShop
| secondary_impact |
T1478
|
Install Insecure or Malicious Configuration
|
|
CVE-2020-15147
|
Red-DiscordBot
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-15147
|
Red-DiscordBot
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-15118
|
wagtail
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-15118
|
wagtail
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-5210
|
NetHack
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-5210
|
NetHack
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-11055
|
BookStack
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-11055
|
BookStack
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-5283
|
viewvc
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-5283
|
viewvc
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-15211
|
tensorflow
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-15211
|
tensorflow
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-5220
|
SyliusResourceBundle
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-5220
|
SyliusResourceBundle
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-11021
|
http-client
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-11021
|
http-client
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-5269
|
PrestaShop
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-5269
|
PrestaShop
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-5269
|
PrestaShop
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-11030
|
WordPress
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-11030
|
WordPress
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-11030
|
WordPress
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-11036
|
GLPI
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-11036
|
GLPI
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-11036
|
GLPI
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2020-15100
|
freewvs
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-15100
|
freewvs
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-15100
|
freewvs
| exploitation_technique |
T1078
|
Valid Accounts
|
|
CVE-2020-15094
|
symfony
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-15094
|
symfony
| exploitation_technique |
T1040
|
Network Sniffing
|
|
CVE-2020-15140
|
Red-DiscordBot
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-15140
|
Red-DiscordBot
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-11087
|
FreeRDP
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-11087
|
FreeRDP
| secondary_impact |
T1211
|
Exploitation for Defense Evasion
|
|
CVE-2020-11023
|
jQuery
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-11023
|
jQuery
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-11023
|
jQuery
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-5290
|
rctf
| primary_impact |
T1563
|
Remote Service Session Hijacking
|
|
CVE-2020-5290
|
rctf
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2020-11090
|
Indy Node
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-5270
|
PrestaShop
| secondary_impact |
T1036
|
Masquerading
|
|
CVE-2020-5270
|
PrestaShop
| secondary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-5270
|
PrestaShop
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-5270
|
PrestaShop
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-5270
|
PrestaShop
| exploitation_technique |
T1566.002
|
Spearphishing Link
|
|
CVE-2020-5254
|
NetHack
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-5254
|
NetHack
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-15096
|
electron
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-15096
|
electron
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-11013
|
Helm
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-15095
|
cli
| primary_impact |
T1552
|
Unsecured Credentials
|
|
CVE-2020-15233
|
fosite
| secondary_impact |
T1036
|
Masquerading
|
|
CVE-2020-15233
|
fosite
| exploitation_technique |
T1566.002
|
Spearphishing Link
|
|
CVE-2020-5252
|
safety
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-11019
|
FreeRDP
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-11019
|
FreeRDP
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-11019
|
FreeRDP
| secondary_impact |
T1211
|
Exploitation for Defense Evasion
|
|
CVE-2020-15182
|
soycms
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-15182
|
soycms
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-5264
|
PrestaShop
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-5264
|
PrestaShop
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-5264
|
PrestaShop
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-11078
|
httplib2
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-11050
|
Java-WebSocket
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-15170
|
apollo
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-15170
|
apollo
| primary_impact |
T1478
|
Install Insecure or Malicious Configuration
|
|
CVE-2020-5295
|
october
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-5295
|
october
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-15189
|
soycms
| primary_impact |
T1505.003
|
Web Shell
|
|
CVE-2020-15189
|
soycms
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-15189
|
soycms
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-15137
|
HoRNDIS
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-15137
|
HoRNDIS
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-15137
|
HoRNDIS
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-11035
|
GLPI
| primary_impact |
T1078
|
Valid Accounts
|
|
CVE-2020-11035
|
GLPI
| primary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-11035
|
GLPI
| primary_impact |
T1040
|
Network Sniffing
|
|
CVE-2020-11035
|
GLPI
| exploitation_technique |
T1110
|
Brute Force
|
|
CVE-2020-5217
|
secure_headers
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-5217
|
secure_headers
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-5261
|
Saml2
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-5261
|
Saml2
| exploitation_technique |
T1040
|
Network Sniffing
|
|
CVE-2020-11054
|
qutebrowser
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-11054
|
qutebrowser
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2020-4068
|
APNSwift
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-4068
|
APNSwift
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-4068
|
APNSwift
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2020-4068
|
APNSwift
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-4068
|
APNSwift
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-4068
|
APNSwift
| exploitation_technique |
T1566
|
Phishing
|
|
CVE-2020-4068
|
APNSwift
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2020-4068
|
APNSwift
| exploitation_technique |
T1091
|
Replication Through Removable Media
|
|
CVE-2020-15109
|
solidus
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-15109
|
solidus
| secondary_impact |
T1565
|
Data Manipulation
|
|
CVE-2020-15109
|
solidus
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-11082
|
Kaminari
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-11082
|
Kaminari
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-11082
|
Kaminari
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-15093
|
tough
| primary_impact |
T1078
|
Valid Accounts
|
|
CVE-2020-15093
|
tough
| primary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-15093
|
tough
| primary_impact |
T1040
|
Network Sniffing
|
|
CVE-2020-15093
|
tough
| exploitation_technique |
T1110
|
Brute Force
|
|
CVE-2020-5225
|
SimpleSAMLphp
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-5225
|
SimpleSAMLphp
| secondary_impact |
T1565
|
Data Manipulation
|
|
CVE-2020-5225
|
SimpleSAMLphp
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-5266
|
ps_linklist
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-5266
|
ps_linklist
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-5266
|
ps_linklist
| exploitation_technique |
T1189
|
Drive-by Compromise
|
|
CVE-2020-15208
|
tensorflow
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-15208
|
tensorflow
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-11010
|
tortoise-orm
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-11010
|
tortoise-orm
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-11010
|
tortoise-orm
| secondary_impact |
T1505.003
|
Web Shell
|
|
CVE-2020-11010
|
tortoise-orm
| secondary_impact |
T1136
|
Create Account
|
|
CVE-2020-11010
|
tortoise-orm
| secondary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-11010
|
tortoise-orm
| secondary_impact |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2020-11010
|
tortoise-orm
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-15143
|
SyliusResourceBundle
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-15143
|
SyliusResourceBundle
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-11039
|
FreeRDP
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-11039
|
FreeRDP
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-11039
|
FreeRDP
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-15199
|
tensorflow
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-15199
|
tensorflow
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-15179
|
wiki-scratchsig
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-15179
|
wiki-scratchsig
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-5271
|
PrestaShop
| primary_impact |
T1059.007
|
JavaScript
|
|
CVE-2020-5271
|
PrestaShop
| secondary_impact |
T1557
|
Man-in-the-Middle
|
|
CVE-2020-5271
|
PrestaShop
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-5231
|
opencast
| primary_impact |
T1078.001
|
Default Accounts
|
|
CVE-2020-5231
|
opencast
| secondary_impact |
T1136
|
Create Account
|
|
CVE-2020-5279
|
PrestaShop
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-11059
|
AEgir
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-15183
|
soycms
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-15183
|
soycms
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-11044
|
FreeRDP
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-5284
|
next.js
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-15162
|
PrestaShop
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-15162
|
PrestaShop
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-11073
|
zsh-autoswitch-virtualenv
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-11073
|
zsh-autoswitch-virtualenv
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2020-5267
|
actionview
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-5267
|
actionview
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-11068
|
LoRaMac-node
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-11068
|
LoRaMac-node
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-5297
|
october
| primary_impact |
T1505.003
|
Web Shell
|
|
CVE-2020-5297
|
october
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-5241
|
matestack-ui-core
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-5241
|
matestack-ui-core
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-5253
|
NetHack
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-5253
|
NetHack
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-5253
|
NetHack
| exploitation_technique |
T1478
|
Install Insecure or Malicious Configuration
|
|
CVE-2020-15132
|
sulu
| primary_impact |
T1589
|
Gather Victim Identity Information
|
|
CVE-2020-11045
|
FreeRDP
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-11083
|
October
| secondary_impact |
T1185
|
Man in the Browser
|
|
CVE-2020-5281
|
perun
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-6986
|
Omron PLC CJ Series
| primary_impact |
T0814
|
Denial of Service
|
|
CVE-2020-6986
|
Omron PLC CJ Series
| primary_impact |
T1499
|
Endpoint Denial of Service
|
|
CVE-2020-12029
|
FactoryTalk View SE
| primary_impact |
T1505.003
|
Web Shell
|
|
CVE-2020-12029
|
FactoryTalk View SE
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-12029
|
FactoryTalk View SE
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-6960
|
Honeywell Maxpro VMS & NVR
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-12014
|
Advantech WebAccess Node
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-12038
|
EDS Subsystem, FactoryTalk Linx software (Previously called RSLinx Enterprise), RSLinx Classic, RSNetWorx software, Studio 5000 Logix Designer software
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-12038
|
EDS Subsystem, FactoryTalk Linx software (Previously called RSLinx Enterprise), RSLinx Classic, RSNetWorx software, Studio 5000 Logix Designer software
| exploitation_technique |
T1204.001
|
Malicious Link
|
|
CVE-2020-12008
|
Baxter ExactaMix EM 2400 & EM 1200
| primary_impact |
T1552
|
Unsecured Credentials
|
|
CVE-2020-12008
|
Baxter ExactaMix EM 2400 & EM 1200
| secondary_impact |
T0859
|
Valid Accounts
|
|
CVE-2020-12008
|
Baxter ExactaMix EM 2400 & EM 1200
| exploitation_technique |
T0842
|
Network Sniffing
|
|
CVE-2020-16200
|
Philips Clinical Collaboration Platform
| primary_impact |
T1496
|
Resource Hijacking
|
|
CVE-2020-16200
|
Philips Clinical Collaboration Platform
| secondary_impact |
T0826
|
Loss of Availability
|
|
CVE-2020-6964
|
GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-6964
|
GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-6964
|
GE CARESCAPE Telemetry Server,ApexPro Telemetry Server,CARESCAPE Central Station,Clinical Information Center systems,CARESCAPE B450,B650,B850 Monitors
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-6993
|
Moxa PT-7528 series firmware, Version 4.0 or lower, PT-7828 series firmware, Version 3.9 or lower
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-6993
|
Moxa PT-7528 series firmware, Version 4.0 or lower, PT-7828 series firmware, Version 3.9 or lower
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-14510
|
GateManager
| primary_impact |
T1078.001
|
Default Accounts
|
|
CVE-2020-14510
|
GateManager
| secondary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-14510
|
GateManager
| secondary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-14508
|
GateManager
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-14508
|
GateManager
| primary_impact |
T1499
|
Endpoint Denial of Service
|
|
CVE-2020-14508
|
GateManager
| exploitation_technique |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-7004
|
VBASE Editor
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-10603
|
WebAccess/NMS
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-10603
|
WebAccess/NMS
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-12024
|
Baxter ExactaMix EM 2400 & EM 1200
| primary_impact |
T1091
|
Replication Through Removable Media
|
|
CVE-2020-12000
|
Ignition 8 Gateway
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-12000
|
Ignition 8 Gateway
| exploitation_technique |
T1133
|
External Remote Services
|
|
CVE-2020-16211
|
Advantech WebAccess HMI Designer
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-16211
|
Advantech WebAccess HMI Designer
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2020-16198
|
Philips Clinical Collaboration Platform
| primary_impact |
T1036
|
Masquerading
|
|
CVE-2020-10602
|
OSIsoft PI System multiple products and versions
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-0884
|
Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)
| primary_impact |
T1528
|
Steal Application Access Token
|
|
CVE-2020-0884
|
Microsoft Visual Studio 2017 version 15.9 (includes 15.1 - 15.8)
| exploitation_technique |
T1040
|
Network Sniffing
|
|
CVE-2020-1025
|
Skype for Business Server 2019 CU2
| primary_impact |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-1111
|
Windows
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-1111
|
Windows
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-1111
|
Windows
| secondary_impact |
T1565
|
Data Manipulation
|
|
CVE-2020-1111
|
Windows
| secondary_impact |
T1485
|
Data Destruction
|
|
CVE-2020-1111
|
Windows
| secondary_impact |
T1136
|
Create Account
|
|
CVE-2020-0671
|
Windows
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-0671
|
Windows
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-0671
|
Windows
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-0671
|
Windows
| secondary_impact |
T1565
|
Data Manipulation
|
|
CVE-2020-0671
|
Windows
| secondary_impact |
T1485
|
Data Destruction
|
|
CVE-2020-0671
|
Windows
| secondary_impact |
T1136
|
Create Account
|
|
CVE-2020-0898
|
Windows
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-0898
|
Windows
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-1456
|
Microsoft SharePoint Enterprise Server
| primary_impact |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-1456
|
Microsoft SharePoint Enterprise Server
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-1456
|
Microsoft SharePoint Enterprise Server
| secondary_impact |
T1565
|
Data Manipulation
|
|
CVE-2020-1456
|
Microsoft SharePoint Enterprise Server
| secondary_impact |
T1485
|
Data Destruction
|
|
CVE-2020-1456
|
Microsoft SharePoint Enterprise Server
| secondary_impact |
T1478
|
Install Insecure or Malicious Configuration
|
|
CVE-2020-1456
|
Microsoft SharePoint Enterprise Server
| secondary_impact |
T1036
|
Masquerading
|
|
CVE-2020-1109
|
Windows
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-1109
|
Windows
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-1109
|
Windows
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-1109
|
Windows
| secondary_impact |
T1565
|
Data Manipulation
|
|
CVE-2020-1109
|
Windows
| secondary_impact |
T1485
|
Data Destruction
|
|
CVE-2020-1109
|
Windows
| secondary_impact |
T1136
|
Create Account
|
|
CVE-2020-1347
|
Windows 10 Version 2004 for 32-bit Systems
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-1163
|
Microsoft Forefront Endpoint Protection
| primary_impact |
T1485
|
Data Destruction
|
|
CVE-2020-1068
|
Windows
| primary_impact |
T1565
|
Data Manipulation
|
|
CVE-2020-1495
|
Microsoft SharePoint Server 2010 Service Pack 2
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-1495
|
Microsoft SharePoint Server 2010 Service Pack 2
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-1495
|
Microsoft SharePoint Server 2010 Service Pack 2
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-1495
|
Microsoft SharePoint Server 2010 Service Pack 2
| secondary_impact |
T1565
|
Data Manipulation
|
|
CVE-2020-1495
|
Microsoft SharePoint Server 2010 Service Pack 2
| secondary_impact |
T1485
|
Data Destruction
|
|
CVE-2020-1495
|
Microsoft SharePoint Server 2010 Service Pack 2
| secondary_impact |
T1136
|
Create Account
|
|
CVE-2020-1495
|
Microsoft SharePoint Server 2010 Service Pack 2
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2020-1495
|
Microsoft SharePoint Server 2010 Service Pack 2
| exploitation_technique |
T1566
|
Phishing
|
|
CVE-2020-1425
|
Windows 10 Version 2004 for x64-based Systems
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-1425
|
Windows 10 Version 2004 for x64-based Systems
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-0758
|
Team Foundation Server 2018
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-0758
|
Team Foundation Server 2018
| exploitation_technique |
T1098
|
Account Manipulation
|
|
CVE-2020-1141
|
Windows
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-1141
|
Windows
| secondary_impact |
T1211
|
Exploitation for Defense Evasion
|
|
CVE-2020-1569
|
Microsoft Edge (EdgeHTML-based)
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-1569
|
Microsoft Edge (EdgeHTML-based)
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-1569
|
Microsoft Edge (EdgeHTML-based)
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-1569
|
Microsoft Edge (EdgeHTML-based)
| secondary_impact |
T1565
|
Data Manipulation
|
|
CVE-2020-1569
|
Microsoft Edge (EdgeHTML-based)
| secondary_impact |
T1485
|
Data Destruction
|
|
CVE-2020-1569
|
Microsoft Edge (EdgeHTML-based)
| secondary_impact |
T1136
|
Create Account
|
|
CVE-2020-1569
|
Microsoft Edge (EdgeHTML-based)
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2020-1569
|
Microsoft Edge (EdgeHTML-based)
| exploitation_technique |
T1566
|
Phishing
|
|
CVE-2020-16874
|
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
| primary_impact |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-16874
|
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
| primary_impact |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-16874
|
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
| secondary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-16874
|
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
| secondary_impact |
T1565
|
Data Manipulation
|
|
CVE-2020-16874
|
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
| secondary_impact |
T1485
|
Data Destruction
|
|
CVE-2020-16874
|
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
| secondary_impact |
T1136
|
Create Account
|
|
CVE-2020-16874
|
Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
| exploitation_technique |
T1204.002
|
Malicious File
|
|
CVE-2020-1190
|
Windows
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-0955
|
Windows
| primary_impact |
T1005
|
Data from Local System
|
|
CVE-2020-0981
|
Windows 10 Version 1909 for 32-bit Systems
| primary_impact |
T1134
|
Access Token Manipulation
|
|
CVE-2020-0981
|
Windows 10 Version 1909 for 32-bit Systems
| secondary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-0981
|
Windows 10 Version 1909 for 32-bit Systems
| secondary_impact |
T1497
|
Virtualization/Sandbox Evasion
|
|
CVE-2020-1471
|
Windows 10 Version 1803
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-0636
|
Windows 10 Version 1903 for 32-bit Systems
| primary_impact |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-11652
|
n/a
| uncategorized |
T1005
|
Data from Local System
|
|
CVE-2020-11652
|
n/a
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-6808
|
Firefox
| uncategorized |
T1036.005
|
Match Legitimate Name or Location
|
|
CVE-2020-6820
|
Thunderbird
| uncategorized |
T1055
|
Process Injection
|
|
CVE-2020-6820
|
Thunderbird
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2020-8835
|
Linux kernel
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-8467
|
Trend Micro OfficeScan, Trend Micro Apex One
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-12659
|
n/a
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-10751
|
kernel
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-1027
|
Windows
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-5539
|
GRANDIT
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-5539
|
GRANDIT
| uncategorized |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2020-5539
|
GRANDIT
| uncategorized |
T1005
|
Data from Local System
|
|
CVE-2020-10817
|
n/a
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-10817
|
n/a
| uncategorized |
T1211
|
Exploitation for Defense Evasion
|
|
CVE-2020-8649
|
n/a
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-8649
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-12652
|
n/a
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-12652
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-7456
|
FreeBSD
| uncategorized |
T1091
|
Replication Through Removable Media
|
|
CVE-2020-7456
|
FreeBSD
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-12464
|
n/a
| uncategorized |
T1091
|
Replication Through Removable Media
|
|
CVE-2020-12464
|
n/a
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-15393
|
n/a
| uncategorized |
T1091
|
Replication Through Removable Media
|
|
CVE-2020-15393
|
n/a
| uncategorized |
T1499.001
|
OS Exhaustion Flood
|
|
CVE-2020-9804
|
macOS
| uncategorized |
T1091
|
Replication Through Removable Media
|
|
CVE-2020-9804
|
macOS
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-11957
|
n/a
| uncategorized |
T1110
|
Brute Force
|
|
CVE-2020-9819
|
iOS
| uncategorized |
T1114.001
|
Local Email Collection
|
|
CVE-2020-9819
|
iOS
| uncategorized |
T1565.001
|
Stored Data Manipulation
|
|
CVE-2020-9819
|
iOS
| uncategorized |
T1485
|
Data Destruction
|
|
CVE-2020-6418
|
Chrome
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2020-6418
|
Chrome
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-5902
|
BIG-IP
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2020-5902
|
BIG-IP
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-11901
|
n/a
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2020-11901
|
n/a
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-11901
|
n/a
| uncategorized |
T1059.007
|
JavaScript
|
|
CVE-2020-13125
|
n/a
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2020-13125
|
n/a
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-13125
|
n/a
| uncategorized |
T1204.002
|
Malicious File
|
|
CVE-2020-13125
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-6974
|
Honeywell Notifier Web Server (NWS)
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-6974
|
Honeywell Notifier Web Server (NWS)
| uncategorized |
T1005
|
Data from Local System
|
|
CVE-2020-6974
|
Honeywell Notifier Web Server (NWS)
| uncategorized |
T1565
|
Data Manipulation
|
|
CVE-2020-11738
|
n/a
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-11738
|
n/a
| uncategorized |
T1055
|
Process Injection
|
|
CVE-2020-9380
|
n/a
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-9380
|
n/a
| uncategorized |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-10189
|
n/a
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-10189
|
n/a
| uncategorized |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-9459
|
n/a
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-9459
|
n/a
| uncategorized |
T1059.007
|
JavaScript
|
|
CVE-2020-9459
|
n/a
| uncategorized |
T1539
|
Steal Web Session Cookie
|
|
CVE-2020-9459
|
n/a
| uncategorized |
T1565
|
Data Manipulation
|
|
CVE-2020-9459
|
n/a
| uncategorized |
T1491
|
Defacement
|
|
CVE-2020-13126
|
n/a
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-13126
|
n/a
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-11897
|
n/a
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-11897
|
n/a
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-11897
|
n/a
| uncategorized |
T1499
|
Endpoint Denial of Service
|
|
CVE-2020-11896
|
n/a
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-11896
|
n/a
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-11896
|
n/a
| uncategorized |
T1499
|
Endpoint Denial of Service
|
|
CVE-2020-9818
|
iOS
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-1631
|
Junos OS
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-1350
|
Windows Server
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-0938
|
Windows
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-6819
|
Thunderbird
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-6819
|
Thunderbird
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2020-10257
|
n/a
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-10257
|
n/a
| uncategorized |
T1189
|
Drive-by Compromise
|
|
CVE-2020-2883
|
WebLogic Server
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-2883
|
WebLogic Server
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-0601
|
Windows
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-0601
|
Windows
| uncategorized |
T1190
|
Exploit Public-Facing Application
|
|
CVE-2020-1206
|
Windows 10 Version 1909 for 32-bit Systems
| uncategorized |
T1210
|
Exploitation of Remote Services
|
|
CVE-2020-8468
|
Trend Micro OfficeScan, Trend Micro Apex One, Trend Micro Worry-Free Business Security (WFBS)
| uncategorized |
T1211
|
Exploitation for Defense Evasion
|
|
CVE-2020-8648
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-14059
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-12888
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-12655
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-11884
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-11668
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-12653
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-12653
|
n/a
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-11608
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-11608
|
n/a
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-12769
|
n/a
| uncategorized |
T1499.004
|
Application or System Exploitation
|
|
CVE-2020-11651
|
n/a
| uncategorized |
T1528
|
Steal Application Access Token
|
|
CVE-2020-11651
|
n/a
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-11651
|
n/a
| uncategorized |
T1059
|
Command and Scripting Interpreter
|
|
CVE-2020-5300
|
hydra
| uncategorized |
T1528
|
Steal Application Access Token
|
|
CVE-2020-5300
|
hydra
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
|
CVE-2020-4408
|
Qradar Advisor
| uncategorized |
T1552
|
Unsecured Credentials
|
|
CVE-2020-1020
|
Windows
| uncategorized |
T1566
|
Phishing
|
|
CVE-2020-1020
|
Windows
| uncategorized |
T1203
|
Exploitation for Client Execution
|
|
CVE-2020-4100
|
"HCL Verse for Android"
| uncategorized |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-0688
|
Microsoft Exchange Server 2013
| uncategorized |
T1574
|
Hijack Execution Flow
|
|
CVE-2020-0688
|
Microsoft Exchange Server 2013
| uncategorized |
T1068
|
Exploitation for Privilege Escalation
|
