Skip to main content
CVE-2020-6629 MEDIUM POC This Month

Ming (aka libming) 0.4.8 has z NULL pointer dereference in the function decompileGETURL2() in decompile.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Libming
NVD GitHub
CVSS 3.1
6.5
EPSS
1.3%
CVE-2020-6758 MEDIUM POC This Month

A cross-site scripting (XSS) vulnerability in Option/optionsAll.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Pixelstor 5000 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-5308 MEDIUM POC This Month

PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the category and CategoryCode parameters in add-category.php, the CompanyName parameter in add-company.php,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dairy Farm Shop Management System
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2020-6750 MEDIUM POC This Month

GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Glib Fedora
NVD
CVSS 3.1
5.9
EPSS
2.2%
CVE-2020-6631 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.8%
CVE-2020-6630 MEDIUM POC This Month

An issue was discovered in GPAC version 0.8.0. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Gpac
NVD GitHub
CVSS 3.1
5.5
EPSS
0.8%
CVE-2020-6166 MEDIUM POC This Month

A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.15, allows authenticated users with basic access to export settings and change maintenance-mode themes. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Privilege Escalation Minimal Coming Soon Maintenance Mode
NVD
CVSS 3.1
5.4
EPSS
1.1%
CVE-2020-1787 MEDIUM This Month

HUAWEI Mate 20 smartphones versions earlier than 9.1.0.139(C00E133R3P1) have an improper authentication vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Huawei Authentication Bypass Mate 20 Firmware
NVD
CVSS 3.1
6.6
EPSS
0.3%
CVE-2020-6632 MEDIUM PATCH This Month

In PrestaShop 1.7.6.2, XSS can occur during addition or removal of a QuickAccess link. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Prestashop
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-5205 MEDIUM PATCH This Month

In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Redis Session Fixation Information Disclosure Pow
NVD GitHub
CVSS 3.1
5.4
EPSS
0.8%
CVE-2020-1810 MEDIUM This Month

There is a weak algorithm vulnerability in some Huawei products. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Huawei Microsoft Information Disclosure Cloudengine 12800 Firmware S5700 Firmware +1
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2020-1786 MEDIUM This Month

HUAWEI Mate 20 Pro smartphones versions earlier than 10.0.0.175(C00E69R3P8) have an improper authentication vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Mate 20 Pro Firmware
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2020-1826 MEDIUM This Month

Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.175(C00E59R2P11) have an information leak vulnerability. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Huawei Information Disclosure Honor Magic2 Firmware
NVD
CVSS 3.1
4.4
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy