Skip to main content
CVE-2020-14295 HIGH POC THREAT Act Now

A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Cacti Fedora
NVD GitHub Exploit-DB
CVSS 3.1
7.2
EPSS
86.3%
CVE-2020-13224 HIGH POC This Week

TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow TP-Link Nc200 Firmware Nc210 Firmware Nc220 Firmware +4
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2020-11900 HIGH POC THREAT This Week

The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Tcp Ip
NVD
CVSS 3.1
8.2
EPSS
12.8%
CVE-2020-14157 HIGH POC This Week

The wireless-communication feature of the ABUS Secvest FUBE50001 device does not encrypt sensitive data such as PIN codes or IDs of used proximity chip keys (RFID tokens). Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Secvest Wireless Control Fube50001 Firmware
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2020-9332 HIGH POC This Week

ftusbbus2.sys in FabulaTech USB for Remote Desktop through 2020-02-19 allows privilege escalation via crafted IoCtl code related to a USB HID device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Usb For Remote Desktop
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-11904 HIGH POC This Week

The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Tcp Ip
NVD
CVSS 3.1
7.3
EPSS
3.2%
CVE-2020-11902 HIGH POC This Week

The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Tcp Ip
NVD
CVSS 3.1
7.3
EPSS
9.3%
CVE-2020-12827 HIGH POC PATCH This Week

MJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Mjml
NVD GitHub
CVSS 3.1
7.2
EPSS
2.7%
CVE-2020-6869 HIGH This Week

All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Ztemarket Apk
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2020-14040 HIGH PATCH This Week

The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Text Fedora
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2020-13637 HIGH This Week

An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Microsoft Apple Stashcat
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2020-14400 HIGH PATCH This Week

An issue was discovered in LibVNCServer before 0.9.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Libvncserver Debian Linux Leap Ubuntu Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-14399 HIGH PATCH This Week

An issue was discovered in LibVNCServer before 0.9.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Libvncserver Debian Linux Leap Ubuntu Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-14398 HIGH PATCH This Week

An issue was discovered in LibVNCServer before 0.9.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Libvncserver Ubuntu Linux Debian Linux Simatic Itc1500 Firmware +6
NVD GitHub
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-14397 HIGH PATCH This Week

An issue was discovered in LibVNCServer before 0.9.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Libvncserver Ubuntu Linux Debian Linux +7
NVD GitHub
CVSS 3.1
7.5
EPSS
3.4%
CVE-2020-14396 HIGH PATCH This Week

An issue was discovered in LibVNCServer before 0.9.13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Libvncserver Ubuntu Linux Debian Linux +6
NVD GitHub
CVSS 3.1
7.5
EPSS
2.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy