|
196381
|
7.8 |
HIGH
Local
|
nvidia
|
geforce_experience
|
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or inf…
|
NVD-CWE-noinfo
|
CVE-2020-5990
|
2024-11-21 14:34 |
2020-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196382
|
7.8 |
HIGH
Local
|
nvidia
|
geforce_experience
|
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileg…
|
NVD-CWE-noinfo
|
CVE-2020-5978
|
2024-11-21 14:34 |
2020-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196383
|
7.8 |
HIGH
Local
|
nvidia
|
geforce_experience
|
NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which m…
|
CWE-426
Untrusted Search Path
|
CVE-2020-5977
|
2024-11-21 14:34 |
2020-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196384
|
8.8 |
HIGH
Network
|
tipsandtricks-hq
|
simple_download_monitor
|
SQL injection vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to execute arbitrary SQL commands via a specially crafted URL.
|
CWE-89
SQL Injection
|
CVE-2020-5651
|
2024-11-21 14:34 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196385
|
6.1 |
MEDIUM
Network
|
tipsandtricks-hq
|
simple_download_monitor
|
Cross-site scripting vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5650
|
2024-11-21 14:34 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196386
|
7.2 |
HIGH
Network
|
nagios
|
nagios_xi
|
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of…
|
CWE-88
Argument Injection
|
CVE-2020-5792
|
2024-11-21 14:34 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196387
|
7.2 |
HIGH
Network
|
nagios
|
nagios_xi
|
Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admin user to execute operating system commands with the privileges of the apache u…
|
CWE-78
OS Command
|
CVE-2020-5791
|
2024-11-21 14:34 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196388
|
6.5 |
MEDIUM
Network
|
nagios
|
nagios_xi
|
Cross-site request forgery in Nagios XI 5.7.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.
|
CWE-352
Origin Validation Error
|
CVE-2020-5790
|
2024-11-21 14:34 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196389
|
9.8 |
CRITICAL
Network
|
onethird
|
onethird
|
Local file inclusion vulnerability in OneThird CMS v1.96c and earlier allows a remote unauthenticated attacker to execute arbitrary code or obtain sensitive information via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2020-5640
|
2024-11-21 14:34 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196390
|
8.8 |
HIGH
Network
|
onwebchat
|
live_chat_-_live_support
|
Cross-site request forgery (CSRF) vulnerability in Live Chat - Live support version 3.1.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2020-5642
|
2024-11-21 14:34 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
