Skip to main content
CVE-2020-13643 HIGH POC This Week

An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Page Builder
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2020-13642 HIGH POC This Week

An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Page Builder
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2020-13641 HIGH POC This Week

An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Real Time Find And Replace
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2020-11950 HIGH This Week

VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cc9381 Hv Firmware Fd9360 H Firmware Fd9368 Htv Firmware Fd9380 H Firmware +196
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2020-13173 HIGH This Week

Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Race Condition Microsoft Information Disclosure Pcoip Graphics Agent Pcoip Standard Agent
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-8330 HIGH This Week

A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Lenovo Denial Of Service Lj4010Dn Firmware Lj6700Dn Firmware M8960Dnf Firmware
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-8329 HIGH This Week

A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Lenovo Denial Of Service Lj4010Dn Firmware Lj6700Dn Firmware M8960Dnf Firmware
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-4245 HIGH PATCH This Week

IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure IBM Brute Force Security Identity Governance And Intelligence
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-4232 HIGH PATCH This Week

IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Security Identity Governance And Intelligence
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-13649 HIGH PATCH This Week

parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Jerryscript
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2020-4246 HIGH PATCH This Week

IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

IBM XXE Security Identity Governance And Intelligence
NVD
CVSS 3.1
7.1
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy