Skip to main content
CVE-2020-10648 HIGH POC PATCH CISA Act Now

Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a crafted FIT image to a system configured to boot the default. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass U Boot Leap
NVD GitHub
CVSS 3.1
7.8
EPSS
0.1%
Threat
5.1
CVE-2020-10671 HIGH POC This Week

The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missing any form of CSRF protections. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Oce Colorwave 500 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-10669 HIGH POC This Week

The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Oce Colorwave 500 Firmware
NVD
CVSS 3.1
7.5
EPSS
3.5%
CVE-2020-10675 HIGH POC PATCH This Week

The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Jsonparser Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
2.5%
CVE-2020-3264 HIGH POC This Week

A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Cisco Sd Wan Firmware
NVD GitHub
CVSS 3.1
7.1
EPSS
0.7%
CVE-2020-10678 HIGH This Week

In Octopus Deploy before 2020.1.5, for customers running on-premises Active Directory linked to their Octopus server, an authenticated user can leverage a bug to escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Octopus Deploy
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
CVE-2020-7006 HIGH PATCH This Week

Systech Corporation NDS-5000 Terminal Server, NDS/5008 (8 Port, RJ45), firmware Version 02D.30. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS RCE Information Disclosure Nds 5008Rm Firmware Nds 5000 Firmware
NVD
CVSS 3.1
8.4
EPSS
1.7%
CVE-2020-3266 HIGH This Week

A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Command Injection Sd Wan Firmware
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-3265 HIGH This Week

A vulnerability in Cisco SD-WAN Solution software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Sd Wan Firmware
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-1705 HIGH This Week

A vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Template Service Broker Operator
NVD
CVSS 3.1
7.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy