Skip to main content
CVE-2020-9015 CRITICAL POC THREAT Emergency

Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices (and possibly other products) allow attackers to bypass intended TACACS+ shell restrictions via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Dcs 7050Qx 32S R Firmware Dcs 7050Cx3 32S R Firmware Dcs 7280Sram 48C6 R Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
16.5%
CVE-2020-3765 CRITICAL PATCH Act Now

Adobe After Effects versions 16.1.2 and earlier have an out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe After Effects
NVD
CVSS 3.1
9.8
EPSS
5.9%
CVE-2020-8990 CRITICAL PATCH Act Now

Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow Session Fixation. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Session Fixation Information Disclosure Ibi My Cloud Home
NVD
CVSS 3.1
9.1
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy