Total
34589 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-6247 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| SAP Business Objects Business Intelligence Platform, version 4.2, allows an unauthenticated attacker to prevent legitimate users from accessing a service. Using a specially crafted request, the attacker can crash or flood the Central Management Server, thereby impacting system availability. | |||||
| CVE-2020-6240 | 1 Sap | 1 Netweaver Application Server Abap | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| SAP NetWeaver AS ABAP (Web Dynpro ABAP), versions (SAP_UI 750, 752, 753, 754 and SAP_BASIS 700, 710, 730, 731, 804) allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service leading to Denial of Service | |||||
| CVE-2020-6237 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Under certain conditions, SAP Business Objects Business Intelligence Platform, version 4.1, 4.2, dswsbobje web application allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure. | |||||
| CVE-2020-6234 | 1 Sap | 1 Host Agent | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| SAP Host Agent, version 7.21, allows an attacker with admin privileges to use the operation framework to gain root privileges over the underlying operating system, leading to Privilege Escalation. | |||||
| CVE-2020-6230 | 1 Sap | 1 Orientdb | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| SAP OrientDB, version 3.0, allows an authenticated attacker with script execute/write permissions to inject code that can be executed by the application and lead to Code Injection. An attacker could thereby control the behavior of the application. | |||||
| CVE-2020-6218 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2024-11-21 | 4.0 MEDIUM | 5.0 MEDIUM |
| Admin tools and Query Builder in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows an attacker to access information that should otherwise be restricted, leading to Information Disclosure. | |||||
| CVE-2020-6196 | 1 Sap | 1 Businessobjects Mobile | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| SAP BusinessObjects Mobile (MobileBIService), version 4.2, allows an attacker to generate multiple requests, using which he can block all the threads resulting in a Denial of Service. | |||||
| CVE-2020-6164 | 1 Silverstripe | 1 Silverstripe | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In SilverStripe through 4.5.0, a specific URL path configured by default through the silverstripe/framework module can be used to disclose the fact that a domain is hosting a Silverstripe application. There is no disclosure of the specific version. The functionality on this URL path is limited to execution in a CLI context, and is not known to present a vulnerability through web-based access. As a side-effect, this preconfigured path also blocks the creation of other resources on this path (e.g. a page). | |||||
| CVE-2020-6111 | 1 Rockwellautomation | 2 Micrologix 1100, Micrologix 1100 B Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000 and Series B FRN 10.000. A specially crafted packet can cause a major error, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2020-6023 | 1 Checkpoint | 1 Zonealarm | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware. | |||||
| CVE-2020-6022 | 1 Checkpoint | 1 Zonealarm | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
| Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware. | |||||
| CVE-2020-6019 | 1 Valvesoftware | 1 Game Networking Sockets | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messages in function CConnectionTransportUDPBase::Received_Data(), leading to an exception thrown from libprotobuf and resulting in a crash. | |||||
| CVE-2020-6015 | 1 Checkpoint | 1 Endpoint Security | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations. | |||||
| CVE-2020-5990 | 1 Nvidia | 1 Geforce Experience | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure. | |||||
| CVE-2020-5978 | 1 Nvidia | 1 Geforce Experience | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges. | |||||
| CVE-2020-5976 | 4 Apple, Google, Microsoft and 1 more | 6 Macos, Android, Android Tv and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure. | |||||
| CVE-2020-5973 | 2 Canonical, Nvidia | 2 Ubuntu Linux, Virtual Gpu | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3). | |||||
| CVE-2020-5963 | 2 Canonical, Nvidia | 9 Ubuntu Linux, Geforce, Geforce Firmware and 6 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure. | |||||
| CVE-2020-5962 | 1 Nvidia | 8 Geforce, Geforce Firmware, Nvs and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2020-5958 | 2 Microsoft, Nvidia | 6 Windows, Geforce Experience, Quadro and 3 more | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can plant a malicious DLL file, which may lead to code execution, denial of service, or information disclosure. | |||||