Skip to main content
CVE-2020-10983 MEDIUM POC This Month

Gambio GX before 4.0.1.0 allows SQL Injection in admin/mobile.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Gambio Gx
NVD
CVSS 3.1
4.9
EPSS
1.4%
CVE-2020-10982 MEDIUM POC This Month

Gambio GX before 4.0.1.0 allows SQL Injection in admin/gv_mail.php. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Gambio Gx
NVD
CVSS 3.1
4.9
EPSS
1.4%
CVE-2020-10985 MEDIUM POC This Month

Gambio GX before 4.0.1.0 allows XSS in admin/coupon_admin.php. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Gambio Gx
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-10930 MEDIUM This Month

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Authentication Bypass R6700 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-4465 MEDIUM PATCH This Month

IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS is vulnerable to a buffer overflow vulnerability due to an error within the channel processing code. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Denial Of Service IBM Mq Appliance
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2020-15417 MEDIUM This Month

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Netgear Stack Overflow RCE R6700 Firmware
NVD
CVSS 3.1
6.3
EPSS
1.3%
CVE-2020-13913 MEDIUM This Month

An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Unleashed Firmware
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2020-13971 MEDIUM PATCH This Month

In Shopware before 6.2.3, authenticated users are allowed to use the Mediabrowser fileupload feature to upload SVG images containing JavaScript. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Shopware
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-4318 MEDIUM PATCH This Month

IBM Intelligent Operations Center for Emergency Management, Intelligent Operations Center (IOC), and IBM Water Operations for Waternamics are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Intelligent Operations Center Intelligent Operations Center For Emergency Management Water Operations For Waternamics
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-4317 MEDIUM PATCH This Month

IBM Intelligent Operations Center for Emergency Management, Intelligent Operations Center (IOC), and IBM Water Operations for Waternamics are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Intelligent Operations Center Intelligent Operations Center For Emergency Management Water Operations For Waternamics
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-15863 MEDIUM PATCH This Month

hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. Rated medium severity (CVSS 5.3). This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Denial Of Service Memory Corruption Qemu +2
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2020-15408 MEDIUM This Month

An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Ivanti Information Disclosure Pulse Connect Secure Pulse Secure Desktop Client
NVD
CVSS 3.1
4.6
EPSS
0.8%
CVE-2020-15712 MEDIUM This Month

rConfig 3.9.5 could allow a remote authenticated attacker to traverse directories on the system. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Path Traversal Rconfig
NVD
CVSS 3.1
4.3
EPSS
1.6%
CVE-2020-4319 MEDIUM PATCH This Month

IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Mq Appliance
NVD
CVSS 3.1
4.3
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy