Skip to main content
CVE-2020-5412 MEDIUM POC PATCH THREAT This Month

Spring Cloud Netflix, versions 2.2.x prior to 2.2.4, versions 2.1.x prior to 2.1.6, and older unsupported versions allow applications to use the Hystrix Dashboard proxy.stream endpoint to make. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Information Disclosure Spring Cloud Netflix
NVD
CVSS 3.1
6.5
EPSS
10.2%
CVE-2020-16168 MEDIUM POC This Month

Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Information Disclosure Temi Firmware
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-15065 MEDIUM This Month

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to denial-of-service the device via long input values. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Da 70254 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-15061 MEDIUM This Month

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 42633 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-15057 MEDIUM This Month

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow TP-Link Tl Ps310U Firmware
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-15907 MEDIUM PATCH This Month

In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before 20.04.1, certain places could execute file or folder names containing JavaScript. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Mahara
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-11985 MEDIUM This Month

IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure PHP Http Server
NVD
CVSS 3.1
5.3
EPSS
6.8%
CVE-2020-15064 MEDIUM This Month

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

XSS Da 70254 Firmware
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2020-15060 MEDIUM This Month

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

XSS 42633 Firmware
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2020-15056 MEDIUM This Month

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

XSS TP-Link Tl Ps310U Firmware
NVD
CVSS 3.1
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy