Skip to main content
CVE-2020-7952 HIGH POC This Week

rendersystemdx9.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Dota 2
NVD GitHub
CVSS 3.1
7.8
EPSS
1.9%
CVE-2020-7951 HIGH POC This Week

meshsystem.dll in Valve Dota 2 before 7.23e allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Memory Corruption Dota 2
NVD GitHub
CVSS 3.1
7.8
EPSS
1.9%
CVE-2020-7950 HIGH POC This Week

meshsystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Denial Of Service Dota 2
NVD GitHub
CVSS 3.1
7.8
EPSS
1.9%
CVE-2020-7949 HIGH POC This Week

schemasystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Denial Of Service Dota 2
NVD GitHub Exploit-DB
CVSS 3.1
7.8
EPSS
4.2%
CVE-2020-7238 HIGH POC PATCH This Week

Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Request Smuggling Information Disclosure Netty Fedora Debian Linux +3
NVD GitHub
CVSS 3.1
7.5
EPSS
3.6%
CVE-2020-8009 HIGH POC This Week

AVB MOTU devices through 2020-01-22 allow /.. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Avb Firmware
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-5207 HIGH PATCH This Week

In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Information Disclosure Ktor
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2020-5522 HIGH This Week

The kantan netprint App for Android 2.0.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure Easy Netprint
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2020-5521 HIGH This Week

The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Apple Easy Netprint
NVD
CVSS 3.1
7.4
EPSS
0.5%
CVE-2020-5520 HIGH This Week

The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Apple Netprint
NVD
CVSS 3.1
7.4
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy