Skip to main content
CVE-2020-17498 MEDIUM POC PATCH This Month

In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Wireshark Fedora Leap Zfs Storage Appliance Kit
NVD
CVSS 3.1
6.5
EPSS
2.9%
CVE-2020-13280 MEDIUM POC This Month

For GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exists due to excessive logging of an invite email error message. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Gitlab Denial Of Service
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2020-24349 MEDIUM POC This Month

njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Use After Free Memory Corruption Nginx Njs
NVD GitHub
CVSS 3.1
5.5
EPSS
0.5%
CVE-2020-24348 MEDIUM POC This Month

njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Nginx Information Disclosure Njs
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-24347 MEDIUM POC This Month

njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Nginx Information Disclosure Njs
NVD GitHub
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-24332 MEDIUM POC PATCH This Month

An issue was discovered in TrouSerS through 0.3.14. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Trousers Fedora
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2020-17538 MEDIUM POC This Month

A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2020-16310 MEDIUM POC This Month

A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Ghostscript Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
1.8%
CVE-2020-16309 MEDIUM POC This Month

A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2020-16308 MEDIUM POC This Month

A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2020-16307 MEDIUM POC This Month

A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Ghostscript Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
1.8%
CVE-2020-16306 MEDIUM POC This Month

A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Ghostscript Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
1.8%
CVE-2020-16305 MEDIUM POC This Month

A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
2.3%
CVE-2020-16304 MEDIUM POC This Month

A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Ghostscript Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2020-16302 MEDIUM POC This Month

A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Ghostscript Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2020-16301 MEDIUM POC This Month

A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Ghostscript Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2020-16300 MEDIUM POC This Month

A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2020-16299 MEDIUM POC This Month

A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Ghostscript Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
1.8%
CVE-2020-16298 MEDIUM POC This Month

A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Ghostscript Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2020-16297 MEDIUM POC PATCH This Month

A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
2.3%
CVE-2020-16296 MEDIUM POC This Month

A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
2.1%
CVE-2020-16295 MEDIUM POC This Month

A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Ghostscript Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
1.8%
CVE-2020-16294 MEDIUM POC This Month

A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Ghostscript Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2020-16293 MEDIUM POC This Month

A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Ghostscript Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
1.8%
CVE-2020-16292 MEDIUM POC This Month

A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2020-16291 MEDIUM POC PATCH This Month

A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
2.3%
CVE-2020-16290 MEDIUM POC This Month

A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2020-16289 MEDIUM POC This Month

A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2020-16288 MEDIUM POC This Month

A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Ghostscript Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2020-16287 MEDIUM POC This Month

A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Ghostscript Debian Linux +1
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2020-11733 MEDIUM This Month

An issue was discovered on Spirent TestCenter and Avalanche appliance admin interface firmware. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Avalanche Testcenter
NVD GitHub
CVSS 3.1
6.7
EPSS
1.6%
CVE-2020-8684 MEDIUM PATCH This Month

Improper access control in firmware for Intel(R) PAC with Arria(R) 10 GX FPGA before Intel Acceleration Stack version 1.2.1 may allow a privileged user to potentially enable escalation of privilege. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Acceleration Stack
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8759 MEDIUM PATCH This Month

Improper access control in the installer for Intel(R) SSD DCT versions before 3.0.23 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Ssd Data Center Tool
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8742 MEDIUM PATCH This Month

Improper input validation in the firmware for Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel Nuc8I7Behga Firmware Nuc8I7Bekqa Firmware Nuc8I3Behfa Firmware +70
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8733 MEDIUM PATCH This Month

Improper buffer restrictions in the firmware for Intel(R) Server Board M10JNP2SB before version 7.210 may allow a privileged user to potentially enable escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Privilege Escalation Intel M10Jnp2Sb Firmware
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8711 MEDIUM This Month

Improper access control in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware Server System R2000Wt Firmware +15
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-8710 MEDIUM This Month

Buffer overflow in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-13281 MEDIUM This Month

For GitLab before 13.0.12, 13.1.6, 13.2.3 a denial of service exists in the project import feature. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Denial Of Service
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2020-8689 MEDIUM PATCH This Month

Improper buffer restrictions in the Intel(R) Wireless for Open Source before version 1.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Intel Inet Wireless Daemon
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-7305 MEDIUM This Month

Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Data Loss Prevention
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-7302 MEDIUM This Month

Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Data Loss Prevention
NVD
CVSS 3.1
6.4
EPSS
0.7%
CVE-2020-8723 MEDIUM This Month

Cross-site scripting for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Privilege Escalation Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
6.3
EPSS
0.6%
CVE-2020-8720 MEDIUM This Month

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware +16
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8683 MEDIUM PATCH This Month

Improper buffer restrictions in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Graphics Drivers
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8682 MEDIUM PATCH This Month

Out of bounds read in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Intel Information Disclosure Graphics Drivers
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8679 MEDIUM PATCH This Month

Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Intel Memory Corruption Graphics Drivers
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-0512 MEDIUM PATCH This Month

Uncaught exception in the system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Intel Graphics Drivers
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8717 MEDIUM This Month

Improper input validation in a subsystem for some Intel Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware Server System R2000Wt Firmware +15
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8716 MEDIUM This Month

Improper access control for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service via local. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware Server System R2000Wt Firmware +15
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-8715 MEDIUM This Month

Invalid pointer for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Intel Server Board S2600Wt Firmware Server System R1000Wt Firmware Server System R2000Wt Firmware +15
NVD
CVSS 3.1
5.5
EPSS
0.3%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy