Skip to main content
CVE-2020-15480 HIGH POC This Week

An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Burnintest Osforensics Performancetest
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2020-15479 HIGH POC This Week

An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Burnintest Osforensics Performancetest
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-11993 HIGH POC PATCH THREAT This Week

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache Request Smuggling Information Disclosure Http Server Clustered Data Ontap +11
NVD
CVSS 3.1
7.5
EPSS
58.7%
CVE-2020-15063 HIGH This Week

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Da 70254 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2020-15062 HIGH This Week

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Da 70254 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-15059 HIGH This Week

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass 42633 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2020-15058 HIGH This Week

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 42633 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-15055 HIGH This Week

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass TP-Link Tl Ps310U Firmware
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2020-15054 HIGH This Week

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure TP-Link Tl Ps310U Firmware
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-17352 HIGH PATCH This Week

Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an authenticated attacker to remotely execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Sophos RCE Command Injection Xg Firewall Firmware
NVD
CVSS 3.1
8.8
EPSS
4.1%
CVE-2020-7810 HIGH This Week

hslogin2.dll ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Hslogin2 Dll
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2020-11852 HIGH This Week

DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Secure Messaging Gateway
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2020-8026 HIGH This Week

A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Backports Sle Tumbleweed Leap
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-16227 HIGH This Week

Delta Electronics TPEditor Versions 1.97 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Tpeditor
NVD
CVSS 3.1
7.8
EPSS
1.9%
CVE-2020-16225 HIGH This Week

Delta Electronics TPEditor Versions 1.97 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Tpeditor
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2020-16223 HIGH This Week

Delta Electronics TPEditor Versions 1.97 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Tpeditor
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2020-16221 HIGH This Week

Delta Electronics TPEditor Versions 1.97 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Tpeditor
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2020-16219 HIGH This Week

Delta Electronics TPEditor Versions 1.97 and prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Information Disclosure Tpeditor
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2020-15138 HIGH PATCH This Week

Prism is vulnerable to Cross-Site Scripting. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS RCE Apple Previewers
NVD GitHub
CVSS 3.1
7.5
EPSS
2.0%
CVE-2020-9490 HIGH PATCH This Week

Apache HTTP Server versions 2.4.20 to 2.4.43. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Apache Request Smuggling Denial Of Service Http Server Communications Element Manager +23
NVD
CVSS 3.1
7.5
EPSS
89.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy