|
200101
|
7.5 |
HIGH
Network
|
nvidia
|
geforce_now
|
NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to…
|
CWE-200
Information Exposure
|
CVE-2020-5975
|
2024-11-21 14:34 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200102
|
6.5 |
MEDIUM
Network
|
uniqlo
|
uniqlo
|
UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via a malicious App created by the third party. As a result, if the access dest…
|
NVD-CWE-noinfo
|
CVE-2020-5629
|
2024-11-21 14:34 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200103
|
6.5 |
MEDIUM
Network
|
uniqlo
|
uniqlo
|
UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via the vulnerable App. As a result, if the access destination is a malicious w…
|
NVD-CWE-noinfo
|
CVE-2020-5628
|
2024-11-21 14:34 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200104
|
6.1 |
MEDIUM
Network
|
buffalo
|
airstation_whr-g54s_firmware
|
Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5606
|
2024-11-21 14:34 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200105
|
4.3 |
MEDIUM
Network
|
buffalo
|
airstation_whr-g54s_firmware
|
Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2020-5605
|
2024-11-21 14:34 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200106
|
5.3 |
MEDIUM
Network
|
icegram
|
email_subscribers_\&_newsletters
|
Missing Authentication for Critical Function in Icegram Email Subscribers & Newsletters Plugin for WordPress prior to version 4.5.6 allows a remote, unauthenticated attacker to conduct unauthenticate…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-5780
|
2024-11-21 14:34 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200107
|
6.1 |
MEDIUM
Network
|
yodobashi
|
yodobashi
|
Yodobashi App for Android versions 1.8.7 and earlier allows remote attackers to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a phish…
|
CWE-601
Open Redirect
|
CVE-2020-5627
|
2024-11-21 14:34 |
2020-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200108
|
7.7 |
HIGH
Network
|
cloudfoundry
|
gorouter
cf-deployment
|
Cloud Foundry Routing (Gorouter) versions prior to 0.206.0 allow a malicious developer with "cf push" access to cause denial-of-service to the CF cluster by pushing an app that returns specially craf…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2020-5420
|
2024-11-21 14:34 |
2020-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200109
|
4.3 |
MEDIUM
Network
|
cloudfoundry
|
capi-release
cf-deployment
|
Cloud Foundry CAPI (Cloud Controller) versions prior to 1.98.0 allow authenticated users having only the "cloud_controller.read" scope, but no roles in any spaces, to list all droplets in all spaces …
|
CWE-863
Incorrect Authorization
|
CVE-2020-5418
|
2024-11-21 14:34 |
2020-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200110
|
7.5 |
HIGH
Network
|
dell
|
emc_elastic_cloud_storage
|
Dell EMC ECS, versions prior to 3.5, contains an Exposure of Resource vulnerability. A remote unauthenticated attacker can access the list of DT (Directory Table) objects of all internally running se…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-5386
|
2024-11-21 14:34 |
2020-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
