Skip to main content
CVE-2020-7691 MEDIUM POC PATCH This Month

In all versions of the package jspdf, it is possible to use <<script>script> in order to go over the filtering regex. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Jspdf
NVD
CVSS 3.1
6.1
EPSS
1.6%
CVE-2020-7690 MEDIUM POC PATCH This Month

All affected versions <2.0.0 of package jspdf are vulnerable to Cross-site Scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Jspdf
NVD GitHub
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-15570 MEDIUM POC This Month

The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Whoopsie
NVD GitHub
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-10760 MEDIUM This Month

A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Samba Ubuntu Linux +2
NVD
CVSS 3.1
6.5
EPSS
2.7%
CVE-2020-5356 MEDIUM This Month

Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Authentication Bypass Powerprotect Data Manager Powerprotect X400 Firmware
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2020-1839 MEDIUM This Month

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a race condition vulnerability. Rated medium severity (CVSS 6.3). No vendor patch available.

Race Condition RCE Huawei Mate 30 Firmware
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2020-15562 MEDIUM PATCH This Month

An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Webmail Debian Linux
NVD GitHub
CVSS 3.1
6.1
EPSS
2.1%
CVE-2020-9226 MEDIUM This Month

HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an improper signature verification vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Jwt Attack Huawei Information Disclosure P30 Firmware
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-1838 MEDIUM This Month

HUAWEI Mate 30 Pro with versions earlier than 10.1.0.150(C00E136R5P3) have is an improper authentication vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Mate 30 Pro Firmware
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-15569 MEDIUM PATCH This Month

PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Milkytracker Debian Linux
NVD GitHub
CVSS 3.1
5.5
EPSS
0.7%
CVE-2020-1836 MEDIUM This Month

HUAWEI P30 with versions earlier than 10.1.0.160(C00E160R2P11) and HUAWEI P30 Pro with versions earlier than 10.1.0.160(C00E160R2P8) have an information disclosure vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Huawei Information Disclosure P30 Firmware P30 Pro Firmware
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2020-1837 MEDIUM This Month

ChangXiang 8 Plus with versions earlier than 9.1.0.136(C00E121R1P6T8) have a denial of service vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Changxiang 8 Plus Firmware
NVD
CVSS 3.1
5.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy