|
196691
|
7.8 |
HIGH
Local
|
nagios
|
nagios_xi
|
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to…
|
CWE-281
Improper Preservation of Permissions
|
CVE-2020-5796
|
2024-11-21 14:34 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196692
|
7.5 |
HIGH
Network
|
valvesoftware
|
game_networking_sockets
|
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messages in function CConnectionTransportUDPBase::Received_Data(), leading to an exception thrown from li…
|
NVD-CWE-noinfo
|
CVE-2020-6019
|
2024-11-21 14:34 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196693
|
7.8 |
HIGH
Local
|
nvidia
|
geforce_now
|
NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to bin…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-5992
|
2024-11-21 14:34 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196694
|
9.8 |
CRITICAL
Network
|
vmware
|
pivotal_scheduler
|
Scheduler for TAS prior to version 1.4.0 was permitting plaintext transmission of UAA client token by sending it over a non-TLS connection. This also depended on the configuration of the MySQL server…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-5426
|
2024-11-21 14:34 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196695
|
6.9 |
MEDIUM
Physics
|
dell
|
inspiron_15_7579_firmware
|
Dell Inspiron 15 7579 2-in-1 BIOS versions prior to 1.31.0 contain an Improper SMM communication buffer verification vulnerability. A local authenticated malicious user may potentially exploit this v…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2020-5388
|
2024-11-21 14:34 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196696
|
7.8 |
HIGH
Local
|
tenable
|
nessus_network_monitor
|
A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and 5.12.0 for Windows could allow an authenticated local attacker to execute arbitrary code by copying user-supplied files to a spe…
|
NVD-CWE-noinfo
|
CVE-2020-5794
|
2024-11-21 14:34 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196697
|
6.2 |
MEDIUM
Physics
|
tp-link
|
archer_a7_firmware
|
UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated admin user, with physical access and network access, to execute arbitrary code after plugging a craft…
|
CWE-59
Link Following
|
CVE-2020-5795
|
2024-11-21 14:34 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196698
|
5.5 |
MEDIUM
Local
|
wantedlyinc
|
studyplus
|
Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-5667
|
2024-11-21 14:34 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196699
|
6.5 |
MEDIUM
Network
|
cybozu
|
garoon
|
Improper input validation vulnerability in Cybozu Garoon 5.0.0 to 5.0.2 allows a remote authenticated attacker to delete some data of the bulletin board via unspecified vector.
|
CWE-20
Improper Input Validation
|
CVE-2020-5643
|
2024-11-21 14:34 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196700
|
7.5 |
HIGH
Network
|
mitsubishielectric
|
coreos
|
Resource management error vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS versio…
|
NVD-CWE-noinfo
|
CVE-2020-5649
|
2024-11-21 14:34 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
