Skip to main content
CVE-2020-25645 HIGH POC This Week

A flaw was found in the Linux kernel in versions before 5.9-rc7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Linux Information Disclosure Linux Kernel Debian Linux Solidfire Hci Management Node +4
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2020-7743 HIGH POC PATCH This Week

The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Mathjs
NVD GitHub
CVSS 3.1
7.3
EPSS
3.9%
CVE-2020-13957 CRITICAL PATCH Act Now

Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache RCE Authentication Bypass Solr
NVD
CVSS 3.1
9.8
EPSS
78.9%
CVE-2020-17407 CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Bullet Lte Firmware
NVD
CVSS 3.1
9.8
EPSS
6.8%
CVE-2020-16124 CRITICAL PATCH Act Now

Integer Overflow or Wraparound vulnerability in the XML RPC library of OpenRobotics ros_comm communications packages allows unauthenticated network traffic to cause unexpected behavior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Integer Overflow Ros Comm
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2020-17406 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Bullet Lte Firmware
NVD
CVSS 3.1
8.8
EPSS
5.3%
CVE-2020-12928 HIGH PATCH This Week

A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Amd Ryzen Master
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-17417 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.1.35811. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption RCE Foxit Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
9.1%
CVE-2020-17416 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.0.35798. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Foxit Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
9.1%
CVE-2020-17415 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PhantomPDF 10.0.0.35798. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Foxit Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2020-17414 HIGH This Week

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit Reader 10.0.0.35798. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Foxit Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
1.9%
CVE-2020-17413 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow 3D
NVD
CVSS 3.1
7.8
EPSS
4.2%
CVE-2020-17412 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption 3D
NVD
CVSS 3.1
7.8
EPSS
4.2%
CVE-2020-17410 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption RCE Foxit Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
9.1%
CVE-2020-7590 MEDIUM This Month

A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dca Vantage Analyzer Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2020-15797 MEDIUM This Month

A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Dca Vantage Analyzer Firmware
NVD
CVSS 3.1
6.8
EPSS
0.4%
CVE-2020-15251 MEDIUM PATCH This Month

In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Python Authentication Bypass Channelmgnt
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2020-17409 MEDIUM PATCH This Month

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Netgear Information Disclosure R6020 Firmware R6080 Firmware R6120 Firmware +8
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2020-12933 MEDIUM PATCH This Month

A denial of service vulnerability exists in the D3DKMTEscape handler functionality of AMD ATIKMDAG.SYS (e.g. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Denial Of Service Microsoft Buffer Overflow Amd Information Disclosure +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-12911 MEDIUM PATCH This Month

A denial of service vulnerability exists in the D3DKMTCreateAllocation handler functionality of AMD ATIKMDAG.SYS (e.g. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Amd Information Disclosure Atikmdag Sys
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-17411 LOW Monitor

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.0.0.35798. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 3D
NVD
CVSS 3.1
3.3
EPSS
3.1%
CVE-2020-25779 LOW PATCH Monitor

Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Trend Micro Authentication Bypass Antivirus
NVD
CVSS 3.1
3.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy