Skip to main content
CVE-2020-9535 HIGH POC This Week

fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup_Wizard webpage parameter when f_radius_ip1 is malformed. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption D-Link Dir 615Jx10 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.6%
CVE-2020-9534 HIGH POC This Week

fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup webpage parameter when f_radius_ip1 is malformed. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption D-Link Dir 615Jx10 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.6%
CVE-2020-9549 HIGH POC This Week

In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Pdfresurrect Debian Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-8437 HIGH POC THREAT This Week

The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505) misparses nested bencoded dictionaries, which allows a remote attacker to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Utorrent
NVD
CVSS 3.1
7.5
EPSS
12.0%
CVE-2020-8500 HIGH POC This Week

In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE PHP Pandora Fms
NVD
CVSS 3.1
7.2
EPSS
3.5%
CVE-2020-6801 HIGH This Week

Mozilla developers reported memory safety bugs present in Firefox 72. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Mozilla Memory Corruption Firefox +1
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2020-6800 HIGH This Week

Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Mozilla Memory Corruption Firefox +3
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2020-6799 HIGH PATCH This Week

Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Mozilla Microsoft Code Injection Firefox Firefox Esr
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2020-6796 HIGH This Week

A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Mozilla Memory Corruption Firefox Firefox Esr
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2020-4283 HIGH This Week

IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication,. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Authentication Bypass Security Information Queue
NVD
CVSS 3.1
8.6
EPSS
1.3%
CVE-2020-9540 HIGH This Week

Sophos HitmanPro.Alert before build 861 allows local elevation of privilege. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Sophos Information Disclosure Hitmanpro Alert
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-9545 HIGH This Week

Pale Moon 28.x before 28.8.4 has a segmentation fault related to module scripting, as demonstrated by a Lacoste web site. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Pale Moon
NVD
CVSS 3.1
7.5
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy