Skip to main content
CVE-2020-9330 HIGH POC PATCH This Week

Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Workcentre 3655 Firmware Workcentre 3655I Firmware Workcentre 5845 Firmware Workcentre 5855 Firmware +14
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-5243 HIGH POC PATCH This Week

uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Uap Core
NVD GitHub
CVSS 3.1
7.5
EPSS
2.3%
CVE-2020-5524 HIGH This Week

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection Aterm Wg2600Hs Firmware Aterm Wf1200C Firmware Aterm Wg1200Cr Firmware
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2020-5534 HIGH This Week

Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Aterm Wg2600Hs Firmware
NVD
CVSS 3.1
8.0
EPSS
0.9%
CVE-2020-5525 HIGH This Week

Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Aterm Wg2600Hs Firmware Aterm Wf1200C Firmware Aterm Wg1200Cr Firmware
NVD
CVSS 3.1
8.0
EPSS
0.9%
CVE-2020-9327 HIGH PATCH This Week

In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Sqlite Cloud Backup Ubuntu Linux +8
NVD
CVSS 3.1
7.5
EPSS
3.7%
CVE-2020-7907 HIGH This Week

In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Scala
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2020-6842 HIGH This Week

D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection D-Link Dch M225 Firmware
NVD GitHub
CVSS 3.1
7.2
EPSS
2.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy