Skip to main content
CVE-2020-14473 CRITICAL POC Act Now

Stack-based buffer overflow vulnerability in Vigor3900, Vigor2960, and Vigor300B with firmware before 1.5.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Vigor300b Firmware Vigor2960 Firmware Vigor3900 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.3%
CVE-2020-14472 CRITICAL POC Act Now

On Draytek Vigor3900, Vigor2960, and Vigor 300B devices before 1.5.1.1, there are some command-injection vulnerabilities in the mainfunction.cgi file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Vigor300b Firmware Vigor2960 Firmware Vigor3900 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2020-13484 CRITICAL POC Act Now

Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing '<meta. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF PHP Bitrix24
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2020-10272 CRITICAL POC Act Now

MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph without any sort of authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Mir100 Firmware Mir200 Firmware Mir250 Firmware Mir500 Firmware +6
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-10271 CRITICAL POC Act Now

MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph to all network interfaces, wireless and wired. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mir100 Firmware Mir200 Firmware Mir250 Firmware Mir500 Firmware +6
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2020-10270 CRITICAL POC Act Now

Out of the wired and wireless interfaces within MiR100, MiR200 and other vehicles from the MiR fleet, it's possible to access the Control Dashboard on a hardcoded IP address. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Mir100 Firmware Mir200 Firmware Mir250 Firmware Mir500 Firmware +6
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2020-15046 HIGH POC This Week

The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to exploit a cgi/config_user.cgi CSRF issue to add new admin users. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF X10Drh It Bios X10Drh It Firmware
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
2.3%
CVE-2020-13443 HIGH POC This Week

ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE PHP Expressionengine
NVD GitHub
CVSS 3.1
8.8
EPSS
4.3%
CVE-2020-15014 HIGH POC This Week

pramodmahato BlogCMS through 2019-12-31 has admin/changepass.php CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Blogcms
NVD GitHub
CVSS 3.1
8.8
EPSS
0.5%
CVE-2020-12861 HIGH POC PATCH This Week

A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Memory Corruption Sane Backends Ubuntu Linux +1
NVD GitHub
CVSS 3.1
8.8
EPSS
3.0%
CVE-2020-12865 HIGH POC This Week

A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Sane Backends Ubuntu Linux +2
NVD GitHub
CVSS 3.1
8.0
EPSS
1.5%
CVE-2020-14017 HIGH POC This Week

An issue was discovered in Navigate CMS 2.9 r1433. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Navigate Cms
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-14015 HIGH POC This Week

An issue was discovered in Navigate CMS 2.9 r1433. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Navigate Cms
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2020-13700 HIGH POC THREAT This Week

An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Acf To Rest Api
NVD GitHub
CVSS 3.1
7.5
EPSS
13.5%
CVE-2020-7667 HIGH POC PATCH This Week

In package github.com/sassoftware/go-rpmutils/cpio before version 0.1.0, the CPIO extraction functionality doesn't sanitize the paths of the archived files for leading and non-leading ".." which. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Go Rpm Utils
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2020-13247 HIGH POC This Week

BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Boolebox
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2020-15018 MEDIUM POC This Month

playSMS through 1.4.3 is vulnerable to session fixation. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Session Fixation Information Disclosure Playsms
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-15015 MEDIUM POC This Month

The FileExplorer component in GleamTech FileUltimate 6.1.5.0 allows XSS via an SVG document. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Fileultimate
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-14018 MEDIUM POC This Month

An issue was discovered in Navigate CMS 2.9 r1433. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Navigate Cms
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-13483 MEDIUM POC This Month

The Web Application Firewall in Bitrix24 through 20.0.0 allows XSS via the items[ITEMS][ID] parameter to the components/bitrix/mobileapp.list/ajax.php/ URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Bitrix24
NVD GitHub
CVSS 3.1
6.1
EPSS
4.5%
CVE-2020-11960 CRITICAL Act Now

Xiaomi router R3600 ROM before 1.0.50 is affected by a vulnerability when checking backup file in c_upload interface let attacker able to extract malicious file under any location in /tmp, lead to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xiaomi R3600 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2020-10561 CRITICAL Act Now

An issue was discovered on Xiaomi Mi Jia ink-jet printer < 3.4.6_0138. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Mijia Inkjet Printer Firmware
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-14095 CRITICAL Act Now

In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Xiaomi R3600 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2020-14094 CRITICAL Act Now

In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow or remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Xiaomi R3600 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2020-15007 CRITICAL PATCH Act Now

A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tech 1 (aka Doom engine) allows arbitrary code execution via an unsafe usage of fscanf, because it does not limit the number of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow RCE Tech 1 Doom Vanille
NVD GitHub
CVSS 3.1
9.8
EPSS
2.3%
CVE-2020-10279 CRITICAL Act Now

MiR robot controllers (central computation unit) makes use of Ubuntu 16.04.2 an operating system, Thought for desktop uses, this operating system presents insecure defaults for robots. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ubuntu Privilege Escalation Mir100 Firmware Mir200 Firmware +8
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2020-10276 CRITICAL Act Now

The password for the safety PLC is the default and thus easy to find (in manuals, etc.). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mir100 Firmware Mir200 Firmware Mir250 Firmware Mir500 Firmware +6
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2020-10275 CRITICAL Act Now

The access tokens for the REST API are directly derived from the publicly available default credentials for the web interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mir100 Firmware Mir200 Firmware Mir250 Firmware Mir500 Firmware +6
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2020-10269 CRITICAL Act Now

One of the wireless interfaces within MiR100, MiR200 and possibly (according to the vendor) other MiR fleet vehicles comes pre-configured in WiFi Master (Access Point) mode. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mir100 Firmware Mir200 Firmware Mir250 Firmware Mir500 Firmware +6
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2020-12866 MEDIUM POC This Month

A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Sane Backends Ubuntu Linux Leap
NVD GitHub
CVSS 3.1
5.7
EPSS
1.0%
CVE-2020-15038 MEDIUM POC This Month

The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Coming Soon Page Under Construction Maintenance Mode
NVD Exploit-DB
CVSS 3.1
5.4
EPSS
3.8%
CVE-2020-13248 MEDIUM POC This Month

BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Boolebox
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-14014 MEDIUM POC This Month

An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Navigate Cms
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-14007 MEDIUM POC This Month

Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Node.js Orion Network Performance Monitor Orion Web Performance Monitor
NVD GitHub
CVSS 3.1
5.4
EPSS
1.1%
CVE-2020-14006 MEDIUM POC This Month

Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Node.js Orion Network Performance Monitor Orion Web Performance Monitor
NVD GitHub
CVSS 3.1
5.4
EPSS
1.1%
CVE-2020-15006 MEDIUM POC This Month

Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document to bl-kernel/ajax/logo-upload.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Bludit
NVD GitHub
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-14016 MEDIUM POC This Month

An issue was discovered in Navigate CMS 2.9 r1433. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Navigate Cms
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2020-15026 MEDIUM POC This Month

Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Bludit
NVD GitHub
CVSS 3.1
4.9
EPSS
1.3%
CVE-2020-15041 MEDIUM POC This Month

PHP-Fusion 9.03.60 allows XSS via the administration/site_links.php Add Site Link field. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Php Fusion
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2020-14005 HIGH This Week

Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote attackers to execute arbitrary code via a defined event. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Node.js RCE Orion Network Performance Monitor Orion Web Performance Monitor
NVD GitHub
CVSS 3.1
8.8
EPSS
14.3%
CVE-2020-12864 MEDIUM POC This Month

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Sane Backends Leap Ubuntu Linux
NVD GitHub
CVSS 3.1
4.3
EPSS
1.2%
CVE-2020-12863 MEDIUM POC This Month

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Sane Backends Ubuntu Linux Debian Linux +1
NVD GitHub
CVSS 3.1
4.3
EPSS
1.0%
CVE-2020-12862 MEDIUM POC This Month

An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Sane Backends Ubuntu Linux Debian Linux +1
NVD GitHub
CVSS 3.1
4.3
EPSS
1.1%
CVE-2020-3962 HIGH This Week

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Use After Free Memory Corruption VMware Cloud Foundation +3
NVD
CVSS 3.1
8.2
EPSS
0.6%
CVE-2020-6870 HIGH This Week

The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Zte Netnumen U31 R10 Firmware
NVD
CVSS 3.1
8.0
EPSS
0.6%
CVE-2020-5962 HIGH This Week

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which may. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Nvidia Microsoft Quadro Firmware Geforce Firmware +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-3969 HIGH This Week

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an. Rated high severity (CVSS 7.8). No vendor patch available.

Buffer Overflow VMware Cloud Foundation Fusion Workstation +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-11961 HIGH This Week

Xiaomi router R3600 ROM before 1.0.50 is affected by a sensitive information leakage caused by an insecure interface get_config_result without authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Xiaomi R3600 Firmware
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-11959 HIGH This Week

An unsafe configuration of nginx lead to information leak in Xiaomi router R3600 ROM before 1.0.50. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nginx Xiaomi R3600 Firmware
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2020-9494 HIGH This Week

Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Denial Of Service Traffic Server Debian Linux
NVD
CVSS 3.1
7.5
EPSS
3.9%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy