Skip to main content
CVE-2020-26913 MEDIUM This Month

Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Netgear Memory Corruption D6100 Firmware R7800 Firmware +19
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2020-26910 MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Cbr40 Firmware Rbk752 Firmware Rbr750 Firmware +4
NVD
CVSS 3.1
6.8
EPSS
1.0%
CVE-2020-9105 MEDIUM This Month

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an insufficient input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Taurus An00B Firmware
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2020-26922 MEDIUM This Month

Certain NETGEAR devices are affected by command injection by an authenticated user. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Netgear Command Injection Wc7500 Firmware Wc7600 Firmware Wc7600V2 Firmware +1
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-26931 MEDIUM This Month

Certain NETGEAR devices are affected by disclosure of sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Wc7500 Firmware Wc7600 Firmware Wc9500 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2020-26924 MEDIUM This Month

Certain NETGEAR devices are affected by disclosure of sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Wac720 Firmware Wac730 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-26901 MEDIUM This Month

Certain NETGEAR devices are affected by disclosure of sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Rbk752 Firmware Rbr750 Firmware Rbs750 Firmware +3
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-26899 MEDIUM This Month

Certain NETGEAR devices are affected by disclosure of sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure Cbr40 Firmware Rbk752 Firmware Rbr750 Firmware +4
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-26916 MEDIUM This Month

Certain NETGEAR devices are affected by incorrect configuration of security settings. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Netgear Information Disclosure D6200 Firmware D7000 Firmware Jr6150 Firmware +11
NVD
CVSS 3.1
6.3
EPSS
0.5%
CVE-2020-26162 MEDIUM This Month

Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073.020.059.25300 devices allow XSS via Description pages. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Workcentre Ec7836 Firmware Workcentre Ec7856 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2020-13955 MEDIUM PATCH This Month

HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Apache Information Disclosure Splunk Calcite
NVD
CVSS 3.1
5.9
EPSS
2.1%
CVE-2020-26923 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear Wc7500 Firmware Wc7600 Firmware Wc7600V2 Firmware +1
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2020-26918 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear Ex7000 Firmware R6250 Firmware R6400 Firmware +7
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-26917 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear Ex7000 Firmware R6250 Firmware R6400 Firmware +6
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-26915 MEDIUM This Month

Certain NETGEAR devices are affected by stored XSS. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Netgear D7800 Firmware R7500V2 Firmware R7800 Firmware +8
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2020-13626 MEDIUM This Month

OnePlus App Locker through 2020-10-06 allows physically proximate attackers to use Google Assistant to bypass an authorization check in order to send an SMS message when the SMS application is locked. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass App Locker
NVD
CVSS 3.1
4.6
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy