Total
34213 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-6230 | 1 Sap | 1 Orientdb | 2024-11-21 | 7.2 High |
| SAP OrientDB, version 3.0, allows an authenticated attacker with script execute/write permissions to inject code that can be executed by the application and lead to Code Injection. An attacker could thereby control the behavior of the application. | ||||
| CVE-2020-6218 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 5.0 Medium |
| Admin tools and Query Builder in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an attacker to access information that should otherwise be restricted, leading to Information Disclosure. | ||||
| CVE-2020-6196 | 1 Sap | 1 Businessobjects Mobile | 2024-11-21 | 7.5 High |
| SAP BusinessObjects Mobile (MobileBIService), version 4.2, allows an attacker to generate multiple requests, using which he can block all the threads resulting in a Denial of Service. | ||||
| CVE-2020-6164 | 1 Silverstripe | 1 Silverstripe | 2024-11-21 | 7.5 High |
| In SilverStripe through 4.5.0, a specific URL path configured by default through the silverstripe/framework module can be used to disclose the fact that a domain is hosting a Silverstripe application. There is no disclosure of the specific version. The functionality on this URL path is limited to execution in a CLI context, and is not known to present a vulnerability through web-based access. As a side-effect, this preconfigured path also blocks the creation of other resources on this path (e.g. a page). | ||||
| CVE-2020-6111 | 1 Rockwellautomation | 2 Micrologix 1100, Micrologix 1100 B Firmware | 2024-11-21 | 7.5 High |
| An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000 and Series B FRN 10.000. A specially crafted packet can cause a major error, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2020-6023 | 1 Checkpoint | 1 Zonealarm | 2024-11-21 | 7.8 High |
| Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware. | ||||
| CVE-2020-6022 | 1 Checkpoint | 1 Zonealarm | 2024-11-21 | 5.5 Medium |
| Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware. | ||||
| CVE-2020-6019 | 1 Valvesoftware | 1 Game Networking Sockets | 2024-11-21 | 7.5 High |
| Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messages in function CConnectionTransportUDPBase::Received_Data(), leading to an exception thrown from libprotobuf and resulting in a crash. | ||||
| CVE-2020-6015 | 1 Checkpoint | 1 Endpoint Security | 2024-11-21 | 5.5 Medium |
| Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations. | ||||
| CVE-2020-5990 | 1 Nvidia | 1 Geforce Experience | 2024-11-21 | 7.8 High |
| NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure. | ||||
| CVE-2020-5978 | 1 Nvidia | 1 Geforce Experience | 2024-11-21 | 7.8 High |
| NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges. | ||||
| CVE-2020-5976 | 4 Apple, Google, Microsoft and 1 more | 6 Macos, Android, Android Tv and 3 more | 2024-11-21 | 7.5 High |
| NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure. | ||||
| CVE-2020-5973 | 2 Canonical, Nvidia | 2 Ubuntu Linux, Virtual Gpu | 2024-11-21 | 4.4 Medium |
| NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3). | ||||
| CVE-2020-5963 | 2 Canonical, Nvidia | 9 Ubuntu Linux, Geforce, Geforce Firmware and 6 more | 2024-11-21 | 7.8 High |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure. | ||||
| CVE-2020-5962 | 1 Nvidia | 8 Geforce, Geforce Firmware, Nvs and 5 more | 2024-11-21 | 7.8 High |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | ||||
| CVE-2020-5958 | 2 Microsoft, Nvidia | 6 Windows, Geforce Experience, Quadro and 3 more | 2024-11-21 | 7.8 High |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can plant a malicious DLL file, which may lead to code execution, denial of service, or information disclosure. | ||||
| CVE-2020-5957 | 2 Microsoft, Nvidia | 6 Windows, Geforce Experience, Quadro and 3 more | 2024-11-21 | 7.8 High |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | ||||
| CVE-2020-5955 | 2 Insyde, Intel | 21 Insydeh2o Uefi Bios, Cannon Lake, Coffee Lake and 18 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel client chipsets. A caller may be able to escalate privileges. | ||||
| CVE-2020-5949 | 1 F5 | 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 11 more | 2024-11-21 | 7.5 High |
| On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break. | ||||
| CVE-2020-5947 | 1 F5 | 19 Big-ip 2000, Big-ip 4000, Big-ip Access Policy Manager and 16 more | 2024-11-21 | 4.3 Medium |
| In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. Only these platforms are affected: BIG-IP 2000 series (C112), BIG-IP 4000 series (C113), BIG-IP i2000 series (C117), BIG-IP i4000 series (C115), BIG-IP Virtual Edition (VE). | ||||