|
210281
|
7.5 |
HIGH
Network
|
intel
|
bmc_firmware
|
NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerabil…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-11487
|
2024-11-21 13:57 |
2020-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210282
|
9.8 |
CRITICAL
Network
|
intel
|
bmc_firmware
|
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-11486
|
2024-11-21 13:57 |
2020-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210283
|
8.8 |
HIGH
Network
|
intel
|
bmc_firmware
|
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not suf…
|
CWE-352
Origin Validation Error
|
CVE-2020-11485
|
2024-11-21 13:57 |
2020-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210284
|
4.9 |
MEDIUM
Network
|
intel
|
bmc_firmware
|
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a vulnerability in the AMI BMC firmware in which an attacker with administrative privileges can obtain the hash of …
|
NVD-CWE-noinfo
|
CVE-2020-11484
|
2024-11-21 13:57 |
2020-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210285
|
9.8 |
CRITICAL
Network
|
intel
|
bmc_firmware
|
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firm…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-11483
|
2024-11-21 13:57 |
2020-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210286
|
7.2 |
HIGH
Network
|
concretecms
|
concrete_cms
|
Concrete5 before 8.5.3 allows Unrestricted Upload of File with Dangerous Type such as a .phar file.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-11476
|
2024-11-21 13:57 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210287
|
7.8 |
HIGH
Local
|
ncp-e
|
secure_enterprise_client
|
NCP Secure Enterprise Client before 10.15 r47589 allows a symbolic link attack on enumusb.reg via Support Assistant.
|
CWE-59
Link Following
|
CVE-2020-11474
|
2024-11-21 13:57 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210288
|
7.5 |
HIGH
Network
|
windriver
|
vxworks
|
httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root.
|
NVD-CWE-noinfo
|
CVE-2020-11440
|
2024-11-21 13:57 |
2020-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210289
|
8.8 |
HIGH
Network
|
librehealth
|
librehealth_ehr
|
LibreHealth EMR v2.0.0 is affected by a Local File Inclusion issue allowing arbitrary PHP to be included and executed within the EMR application.
|
CWE-22
Path Traversal
|
CVE-2020-11439
|
2024-11-21 13:57 |
2020-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210290
|
8.8 |
HIGH
Network
|
librehealth
|
librehealth_ehr
|
LibreHealth EMR v2.0.0 is affected by systemic CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2020-11438
|
2024-11-21 13:57 |
2020-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
