Total
7549 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-7807 | 2 Lg, Microsoft | 5 Ipsfullhd, Lg Ultrawide, Lgpcsuite Setup and 2 more | 2024-11-21 | 1.9 LOW | 5.6 MEDIUM |
| A vulnerability that can hijack a DLL file that is loaded during products(LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) installation into a DLL file that the hacker wants. Missing Support for Integrity Check vulnerability in ____COMPONENT____ of LG Electronics (LGPCSuite_Setup), (IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: LG Electronics; LGPCSuite_Setup : 1.0.0.3 on Windows(x86, x64); IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup : 1.0.0.9 on Windows(x86, x64). | |||||
| CVE-2020-7806 | 2 Microsoft, Tobesoft | 2 Windows, Xplatform | 2024-11-21 | 7.5 HIGH | 7.8 HIGH |
| Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary code execution vulnerability by using method supported by Xplatform ActiveX Control. It allows attacker to cause remote code execution. | |||||
| CVE-2020-7803 | 2 Imgtech, Microsoft | 2 Zoneplayer, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| IMGTech Co,Ltd ZInsX.ocx ActiveX Control in Zoneplayer 2.0.1.3, version 2.0.1.4 and prior versions on Windows. File Donwload vulnerability in ZInsX.ocx of IMGTech Co,Ltd Zoneplayer allows attacker to cause arbitrary code execution. | |||||
| CVE-2020-7289 | 2 Mcafee, Microsoft | 2 Active Response, Windows | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege Escalation vulnerability in McAfee Active Response (MAR) for Windows prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to. | |||||
| CVE-2020-7286 | 2 Mcafee, Microsoft | 2 Endpoint Detection And Response, Windows | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege Escalation vulnerability in McAfee Exploit Detection and Response (EDR) for Windows prior to 3.1.0 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to. | |||||
| CVE-2020-7252 | 2 Mcafee, Microsoft | 2 Data Exchange Layer, Windows | 2024-11-21 | 1.9 LOW | 4.2 MEDIUM |
| Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer (DXL) Framework 6.0.0 and earlier allows local users to cause a denial of service and malicious file execution via carefully crafted and named executable files. | |||||
| CVE-2020-7211 | 3 Libslirp Project, Microsoft, Qemu | 3 Libslirp, Windows, Qemu | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows. | |||||
| CVE-2020-7140 | 3 Hp, Microsoft, Redhat | 4 Icewall Sso Dfw, Icewall Sso Dgfw, Windows and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A security vulnerability in HPE IceWall SSO Dfw and Dgfw (Domain Gateway Option) could be exploited remotely to cause a remote cross-site scripting (XSS). HPE has provided the following information to resolve this vulnerability in HPE IceWall SSO DFW and Dgfw: https://www.hpe.com/jp/icewall_patchaccess | |||||
| CVE-2020-7061 | 3 Microsoft, Php, Tenable | 3 Windows, Php, Tenable.sc | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash. | |||||
| CVE-2020-6938 | 3 Linux, Microsoft, Tableau | 3 Linux Kernel, Windows, Tableau Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A sensitive information disclosure vulnerability in Tableau Server 10.5, 2018.x, 2019.x, 2020.x released before June 26, 2020, could allow access to sensitive information in log files. | |||||
| CVE-2020-6799 | 2 Microsoft, Mozilla | 3 Windows, Firefox, Firefox Esr | 2024-11-21 | 5.1 MEDIUM | 8.8 HIGH |
| Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a given file type and for a file downloaded to be opened in a third party application that insufficiently sanitized URL data. In that situation, clicking a link in the third party application could have been used to retrieve and execute files whose location was supplied through command line arguments. Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected. This vulnerability affects Firefox < 73 and Firefox < ESR68.5. | |||||
| CVE-2020-6567 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | |||||
| CVE-2020-5992 | 2 Microsoft, Nvidia | 2 Windows, Geforce Now | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges. | |||||
| CVE-2020-5991 | 2 Microsoft, Nvidia | 2 Windows, Cuda Toolkit | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure. | |||||
| CVE-2020-5976 | 4 Apple, Google, Microsoft and 1 more | 6 Macos, Android, Android Tv and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure. | |||||
| CVE-2020-5975 | 3 Apple, Microsoft, Nvidia | 3 Macos, Windows, Geforce Now | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure. | |||||
| CVE-2020-5964 | 2 Microsoft, Nvidia | 10 Windows, Geforce, Geforce Experience and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed. Such an attack may lead to code execution, denial of service or information disclosure. | |||||
| CVE-2020-5958 | 2 Microsoft, Nvidia | 6 Windows, Geforce Experience, Quadro and 3 more | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can plant a malicious DLL file, which may lead to code execution, denial of service, or information disclosure. | |||||
| CVE-2020-5957 | 2 Microsoft, Nvidia | 6 Windows, Geforce Experience, Quadro and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2020-5855 | 2 F5, Microsoft | 3 Big-ip Access Policy Manager, Big-ip Access Policy Manager Client, Windows | 2024-11-21 | 4.6 MEDIUM | 4.3 MEDIUM |
| When the Windows Logon Integration feature is configured for all versions of BIG-IP Edge Client for Windows, unauthorized users who have physical access to an authorized user's machine can get shell access under unprivileged user. | |||||