|
199931
|
7.8 |
HIGH
Local
|
nvidia
|
quadro_firmware
geforce_experience
tesla_firmware
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can plant a malicious DLL file, which may…
|
NVD-CWE-noinfo
|
CVE-2020-5958
|
2024-11-21 14:34 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199932
|
7.8 |
HIGH
Local
|
nvidia
|
quadro_firmware
geforce_experience
tesla_firmware
|
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead…
|
NVD-CWE-noinfo
|
CVE-2020-5957
|
2024-11-21 14:34 |
2020-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199933
|
6.5 |
MEDIUM
Network
|
vmware
|
spring_cloud_config
|
Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-co…
|
CWE-22
Path Traversal
|
CVE-2020-5405
|
2024-11-21 14:34 |
2020-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199934
|
8.8 |
HIGH
Adjacent
|
plathome
|
openblocks_iot_vx2_firmware
|
OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2020-5536
|
2024-11-21 14:34 |
2020-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199935
|
8.8 |
HIGH
Adjacent
|
plathome
|
openblocks_iot_vx2_firmware
|
OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2020-5535
|
2024-11-21 14:34 |
2020-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199936
|
7.5 |
HIGH
Network
|
pivotal
|
reactor_netty
|
Reactor Netty HttpServer, versions 0.9.3 and 0.9.4, is exposed to a URISyntaxException that causes the connection to be closed prematurely instead of producing a 400 response.
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-5403
|
2024-11-21 14:34 |
2020-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199937
|
5.9 |
MEDIUM
Network
|
pivotal
|
reactor_netty
|
The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. I…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-5404
|
2024-11-21 14:34 |
2020-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199938
|
6.5 |
MEDIUM
Network
|
grandit
|
grandit
|
GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and then alter or disclose the informa…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2020-5539
|
2024-11-21 14:34 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199939
|
8.8 |
HIGH
Network
|
cloudfoundry
|
cf-deployment
user_account_and_authentication
|
In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability exists due to the OAuth2 state parameter not being checked in the callback function when authenticating with external identity pr…
|
CWE-352
Origin Validation Error
|
CVE-2020-5402
|
2024-11-21 14:34 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199940
|
5.3 |
MEDIUM
Network
|
cloudfoundry
|
routing_release
|
Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients try…
|
CWE-444
HTTP Request Smuggling
|
CVE-2020-5401
|
2024-11-21 14:34 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
