Skip to main content
CVE-2020-8834 MEDIUM POC This Month

{save,restore}_tm, leading to a stack corruption. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Linux Information Disclosure Linux Kernel Ubuntu Linux Leap
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2020-11556 MEDIUM POC This Month

An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Snmpc Online
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-1633 MEDIUM This Month

Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-7922 MEDIUM This Month

X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the Kubernetes cluster improper access to MongoDB instances. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Kubernetes Information Disclosure Mongodb Enterprise Kubernetes Operator
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2020-10623 MEDIUM This Month

Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Webaccess Nms
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-5263 MEDIUM PATCH This Month

auth0.js (NPM package auth0-js) greater than version 8.0.0 and before version 9.12.3 has a vulnerability. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Node.js Information Disclosure Auth0 Js
NVD GitHub
CVSS 3.1
4.9
EPSS
0.9%
CVE-2020-9500 MEDIUM This Month

Some products of Dahua have Denial of Service vulnerabilities. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Dahua Sd6Al Firmware Sd5A Firmware Sd1A Firmware +16
NVD
CVSS 3.1
4.9
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy