Skip to main content
CVE-2020-12007 CRITICAL Act Now

A specially crafted communication packet sent to the affected devices could allow remote code execution and a denial-of-service condition due to a deserialization vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Mc Works Mc Works32 Energy Analytix +8
NVD
CVSS 3.1
9.8
EPSS
3.9%
CVE-2020-12011 CRITICAL Act Now

A specially crafted communication packet sent to the affected systems could cause a denial-of-service condition or allow remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Mc Works Mc Works32 +9
NVD
CVSS 3.1
9.8
EPSS
29.2%
CVE-2020-3357 CRITICAL Act Now

A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service RCE Rv340 Dual Wan Gigabit Vpn Router Firmware Rv340W Dual Wan Gigabit Wireless Ac Vpn Router Firmware +2
NVD
CVSS 3.1
9.8
EPSS
4.2%
CVE-2020-3331 CRITICAL Act Now

A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewall and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE Rv110W Wireless N Vpn Firewall Firmware Rv215W Wireless N Vpn Router Firmware
NVD
CVSS 3.1
9.8
EPSS
42.7%
CVE-2020-3330 CRITICAL Act Now

A vulnerability in the Telnet service of Cisco Small Business RV110W Wireless-N VPN Firewall Routers could allow an unauthenticated, remote attacker to take full control of the device with a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Rv110W Wireless N Vpn Firewall Firmware
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2020-3323 CRITICAL Act Now

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Cisco RCE Rv110W Wireless N Vpn Firewall Firmware Rv130 Vpn Router Firmware +2
NVD
CVSS 3.1
9.8
EPSS
5.7%
CVE-2020-3144 CRITICAL Act Now

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router could. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Rv110W Firmware Rv130 Firmware Rv130W Firmware +1
NVD
CVSS 3.1
9.8
EPSS
2.9%
CVE-2020-3140 CRITICAL Act Now

A vulnerability in the web management interface of Cisco Prime License Manager (PLM) Software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Prime License Manager
NVD
CVSS 3.1
9.8
EPSS
3.1%
CVE-2020-15027 CRITICAL Act Now

ConnectWise Automate through 2020.x has insufficient validation on certain authentication paths, allowing authentication bypass via a series of attempts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Automate
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2020-14000 CRITICAL PATCH Act Now

MIT Lifelong Kindergarten Scratch scratch-vm before 0.2.0-prerelease.20200714185213 loads extension URLs from untrusted project.json files with certain _ characters, resulting in remote code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Deserialization Scratch Vm
NVD GitHub
CVSS 3.1
9.8
EPSS
2.8%
CVE-2020-12013 CRITICAL Act Now

A specially crafted WCF client that interfaces to the may allow the execution of certain arbitrary SQL commands remotely. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Mc Works32 Mc Works64 Energy Analytix +8
NVD
CVSS 3.1
9.1
EPSS
3.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy