Skip to main content
CVE-2020-3269 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker with administrative privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Rv110W Firmware Rv130 Firmware Rv130W Firmware +1
NVD
CVSS 3.1
7.2
EPSS
2.6%
CVE-2020-3268 HIGH This Week

Multiple vulnerabilities in the web-based management interface of Cisco RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker with administrative privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Cisco Rv110W Firmware Rv130 Firmware Rv130W Firmware +1
NVD
CVSS 3.1
7.2
EPSS
2.6%
CVE-2020-14434 MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rbk752 Firmware Rbk753 Firmware Rbk753S Firmware +9
NVD
CVSS 3.1
6.8
EPSS
0.8%
CVE-2020-14433 MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Rbk852 Firmware Rbk853 Firmware Rbk842 Firmware +9
NVD
CVSS 3.1
6.8
EPSS
0.7%
CVE-2020-3236 MEDIUM This Month

A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to gain root shell access to the underlying operating system and. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Cisco Path Traversal Enterprise Network Function Virtualization Infrastructure
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2020-1835 MEDIUM This Month

HUAWEI Mate 30 with versions earlier than 10.1.0.126(C00E125R5P3) have an information disclosure vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Mate 30 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2020-10782 MEDIUM This Month

An exposure of sensitive information flaw was found in Ansible version 3.7.0. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ansible Tower
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2020-3241 MEDIUM This Month

A vulnerability in the orchestration tasks of Cisco UCS Director could allow an authenticated, remote attacker to perform a path traversal attack on an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Ucs Director
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2020-3350 MEDIUM This Month

A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the. Rated medium severity (CVSS 6.3). No vendor patch available.

Race Condition Cisco Information Disclosure Advanced Malware Protection For Endpoints Clam Antivirus +3
NVD
CVSS 3.1
6.3
EPSS
0.3%
CVE-2020-3356 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Data Center Network Manager
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-3337 MEDIUM This Month

A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Open Redirect Umbrella
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-14422 MEDIUM This Month

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Python Leap Fedora Enterprise Manager Ops Center
NVD GitHub
CVSS 3.1
5.9
EPSS
12.8%
CVE-2020-3368 MEDIUM This Month

A vulnerability in the antispam protection mechanisms of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the URL reputation. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Asyncos
NVD
CVSS 3.1
5.8
EPSS
1.4%
CVE-2020-3347 MEDIUM This Month

A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to gain access to sensitive information on an affected system. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Microsoft Information Disclosure Webex Meetings
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-14423 MEDIUM PATCH This Month

Convos before 4.20 does not properly generate a random secret in Core/Settings.pm and Util.pm. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Convos
NVD GitHub
CVSS 3.1
5.3
EPSS
1.1%
CVE-2020-3364 MEDIUM This Month

A vulnerability in the access control list (ACL) functionality of the standby route processor management interface of Cisco IOS XR Software could allow an unauthenticated, remote attacker to reach. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Apple Ios Xr
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2020-3360 MEDIUM This Month

A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could allow an unauthenticated, remote attacker to view sensitive information on an affected device. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Ip Phone 6901 Firmware Unified Ip Phone 6961 Firmware Unified Ip Phone 6945 Firmware +34
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-3245 MEDIUM This Month

A vulnerability in the web application of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to create arbitrary user accounts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Smart Software Manager On Prem
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2020-3244 MEDIUM This Month

A vulnerability in the Enhanced Charging Service (ECS) functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Staros
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2020-3242 MEDIUM This Month

A vulnerability in the REST API of Cisco UCS Director could allow an authenticated, remote attacker with administrative privileges to obtain confidential information from an affected device. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Ucs Director
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2020-3355 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Data Center Network Manager
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-3354 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Cisco Data Center Network Manager
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-3362 MEDIUM This Month

A vulnerability in the CLI of Cisco Network Services Orchestrator (NSO) could allow an authenticated, local attacker to access confidential information on an affected device. Rated medium severity (CVSS 4.7). No vendor patch available.

Cisco Information Disclosure Network Services Orchestrator
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2020-1834 MEDIUM This Month

HUAWEI P30 and HUAWEI P30 Pro with versions earlier than 10.1.0.135(C00E135R2P11) and versions earlier than 10.1.0.135(C00E135R2P8) have an insufficient integrity check vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure P30 Firmware P30 Pro Firmware
NVD
CVSS 3.1
4.6
EPSS
0.1%
CVE-2020-13882 MEDIUM This Month

CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. Rated medium severity (CVSS 4.2). No vendor patch available.

Authentication Bypass Lynis Fedora
NVD
CVSS 3.1
4.2
EPSS
0.3%
CVE-2020-14416 MEDIUM PATCH This Month

In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity.

Race Condition Linux Information Disclosure Linux Kernel Leap
NVD
CVSS 3.1
4.2
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy