Total
82350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-5976 | 4 Apple, Google, Microsoft and 1 more | 6 Macos, Android, Android Tv and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure. | |||||
| CVE-2020-5975 | 3 Apple, Microsoft, Nvidia | 3 Macos, Windows, Geforce Now | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure. | |||||
| CVE-2020-5974 | 1 Nvidia | 1 Jetpack Software Development Kit | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA JetPack SDK, version 4.2 and 4.3, contains a vulnerability in its installation scripts in which permissions are incorrectly set on certain directories, which can lead to escalation of privileges. | |||||
| CVE-2020-5972 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3). | |||||
| CVE-2020-5971 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads from a buffer by using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to code execution, denial of service, escalation of privileges, or information disclosure. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3). | |||||
| CVE-2020-5970 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3). | |||||
| CVE-2020-5968 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed by using an index or pointer, such as memory or files, which may lead to code execution, denial of service, escalation of privileges, or information disclosure. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3). | |||||
| CVE-2020-5966 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, in which a NULL pointer is dereferenced, leading to denial of service or potential escalation of privileges. | |||||
| CVE-2020-5964 | 2 Microsoft, Nvidia | 10 Windows, Geforce, Geforce Experience and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host component, in which the application resources integrity check may be missed. Such an attack may lead to code execution, denial of service or information disclosure. | |||||
| CVE-2020-5963 | 2 Canonical, Nvidia | 9 Ubuntu Linux, Geforce, Geforce Firmware and 6 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure. | |||||
| CVE-2020-5962 | 1 Nvidia | 8 Geforce, Geforce Firmware, Nvs and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2020-5958 | 2 Microsoft, Nvidia | 6 Windows, Geforce Experience, Quadro and 3 more | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can plant a malicious DLL file, which may lead to code execution, denial of service, or information disclosure. | |||||
| CVE-2020-5957 | 2 Microsoft, Nvidia | 6 Windows, Geforce Experience, Quadro and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. | |||||
| CVE-2020-5956 | 1 Insyde | 1 Insydeh2o | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 before 05.25.11, 5.3 before 05.34.11, and 5.4 before 05.42.11. The software SMI handler allows untrusted external input because it does not verify CommBuffer. | |||||
| CVE-2020-5953 | 2 Insyde, Siemens | 33 Insydeh2o, Ruggedcom Ape1808, Ruggedcom Ape1808 Firmware and 30 more | 2024-11-21 | 6.9 MEDIUM | 7.5 HIGH |
| A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT (EFI_RUNTIME_SERVICES) pointer to call a GetVariable service, which is located outside of SMRAM. This can result in code execution in SMM (escalating privilege from ring 0 to ring -2). | |||||
| CVE-2020-5949 | 1 F5 | 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 11 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break. | |||||
| CVE-2020-5946 | 1 F5 | 2 Big-ip Advanced Web Application Firewall, Big-ip Fraud Protection Service | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In BIG-IP Advanced WAF and FPS versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, under some circumstances, certain format client-side alerts sent to the BIG-IP virtual server configured with DataSafe may cause the Traffic Management Microkernel (TMM) to restart, resulting in a Denial-of-Service (DoS). | |||||
| CVE-2020-5945 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2024-11-21 | 8.5 HIGH | 8.4 HIGH |
| In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, undisclosed TMUI page contains a stored cross site scripting vulnerability (XSS). The issue allows a minor privilege escalation for resource admin to escalate to full admin. | |||||
| CVE-2020-5942 | 1 F5 | 1 Big-ip Policy Enforcement Manager | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
| In BIG-IP PEM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when processing Capabilities-Exchange-Answer (CEA) packets with certain attributes from the Policy and Charging Rules Function (PCRF) server, the Traffic Management Microkernel (TMM) may generate a core file and restart. | |||||
| CVE-2020-5941 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| On BIG-IP versions 16.0.0-16.0.0.1 and 15.1.0-15.1.0.5, using the RESOLV::lookup command within an iRule may cause the Traffic Management Microkernel (TMM) to generate a core file and restart. This issue occurs when data exceeding the maximum limit of a hostname passes to the RESOLV::lookup command. | |||||