Skip to main content
CVE-2020-12832 CRITICAL POC PATCH Act Now

WordPress Plugin Simple File List before 4.2.8 is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

WordPress Path Traversal Simple File List
NVD
CVSS 3.1
9.8
EPSS
7.1%
CVE-2020-12763 CRITICAL POC Act Now

TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Denial Of Service Memory Corruption Tv Ip512Wn Firmware
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2020-2001 CRITICAL Act Now

An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2020-9502 CRITICAL Act Now

Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dahua Information Disclosure Sd6Al Firmware Sd5A Firmware Sd1A Firmware +17
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2020-7454 CRITICAL Act Now

In FreeBSD 12.1-STABLE before r360971, 12.1-RELEASE before p5, 11.4-STABLE before r360971, 11.4-BETA1 before p1 and 11.3-RELEASE before p9, libalias does not properly validate packet length resulting. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Freebsd
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2020-10654 CRITICAL Act Now

Ping Identity PingID SSH before 4.0.14 contains a heap buffer overflow in PingID-enrolled servers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Pingid Ssh Integration
NVD
CVSS 3.1
9.8
EPSS
3.5%
CVE-2020-2018 CRITICAL Act Now

An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
CVSS 3.1
9.0
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy