Skip to main content
CVE-2020-6080 HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libmicrodns Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2020-6079 HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videolabs libmicrodns 0.1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libmicrodns Debian Linux
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2020-6078 HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libmicrodns Debian Linux
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2020-6077 HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Libmicrodns Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2020-6073 HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Integer Overflow Libmicrodns Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2020-6071 HIGH POC This Week

An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Libmicrodns Debian Linux
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2020-10931 HIGH POC PATCH THREAT This Week

Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Memcached
NVD GitHub
CVSS 3.1
7.5
EPSS
28.1%
CVE-2020-8985 HIGH This Week

ZendTo prior to 5.22-2 Beta allowed reflected XSS and CSRF via the unlock.tpl unlock user functionality. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS CSRF Zendto
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2020-6982 HIGH This Week

In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Honeywell Win Pak
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-7005 HIGH This Week

In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell RCE CSRF Win Pak
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2020-4253 HIGH PATCH This Week

IBM Content Navigator 3.0CD does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Content Navigator
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2020-10852 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2020-10851 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2020-10842 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (S.LSI chipsets) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2020-10841 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 9610 chipsets) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2020-10838 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Samsung Use After Free Memory Corruption RCE Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-10832 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Samsung Information Disclosure Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2020-10829 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.0), P(9.0), and Q(10.0) (Broadcom chipsets) software. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Broadcom Buffer Overflow Memory Corruption Samsung RCE +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-8984 HIGH This Week

lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta allowed IP address spoofing via the X-Forwarded-For header. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Zendto
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2020-7001 HIGH This Week

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Eds G516E Firmware Eds 510E Firmware
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2020-6997 HIGH This Week

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive information is transmitted over some web applications in cleartext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Eds G516E Firmware Eds 510E Firmware
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2020-6979 HIGH This Week

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a hard-coded cryptographic key, increasing the possibility that confidential data can be recovered. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Eds G516E Firmware Eds 510E Firmware
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-6993 HIGH This Week

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, an attacker can gain access to sensitive information from the web service without. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pt 7528 24Tx Hv Firmware Pt 7528 24Tx Hv Hv Firmware Pt 7528 24Tx Wv Firmware Pt 7528 24Tx Wv Hv Firmware +51
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-6987 HIGH This Week

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pt 7528 24Tx Hv Firmware Pt 7528 24Tx Hv Hv Firmware Pt 7528 24Tx Wv Firmware Pt 7528 24Tx Wv Hv Firmware +51
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2020-6983 HIGH This Week

In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the affected products use a hard-coded cryptographic key, which increases the possibility. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pt 7528 24Tx Hv Firmware Pt 7528 24Tx Hv Hv Firmware Pt 7528 24Tx Wv Firmware Pt 7528 24Tx Wv Hv Firmware +51
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-7003 HIGH This Week

In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Iologik 2512 Firmware Iologik 2512 T Firmware Iologik 2512 Hspa Firmware Iologik 2512 Hspa T Firmware +16
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2020-10854 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-10833 HIGH This Week

An issue was discovered on Samsung mobile devices with Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Authentication Bypass Android
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2020-10831 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2020-6978 HIGH This Week

In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the usage of old jQuery libraries. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Honeywell Information Disclosure Win Pak
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2020-10934 HIGH This Week

Acyba AcyMailing before 6.9.2 mishandles file uploads by admins. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Acymailing
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2020-10840 HIGH This Week

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 9610 chipsets) software. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2020-10684 HIGH PATCH This Week

A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Code Injection Ansible Ansible Tower +3
NVD
CVSS 3.1
7.1
EPSS
0.3%
CVE-2020-10843 HIGH This Week

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (S.LSI chipsets) software. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Samsung Information Disclosure Android
NVD
CVSS 3.1
7.0
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy