| Max CVSS | 7.2 | Min CVSS | 7.2 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-15397 | 7.2 |
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account). This allows these users to execute code
|
12-07-2022 - 17:42 | 30-06-2020 - 12:15 | |
| CVE-2020-15396 | 7.2 |
In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.
|
28-04-2022 - 18:57 | 30-06-2020 - 12:15 |