Etiqueta: CVE

The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the Mitre Corporation, maintains the system, with funding from the National Cyber Security Division of the United States Department of Homeland Security.

CWE-200

CWE-200 An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

CVE-2017-12939

CVE-2017-12939

A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4. (CWE-20)

CWE-264

CWE-264 Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.