Skip to main content
CVE-2020-6087 HIGH POC This Week

An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Rockwell Denial Of Service Flex I O 1794 Aent B Firmware
NVD
CVSS 3.1
7.5
EPSS
3.6%
CVE-2020-6086 HIGH POC This Week

An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Rockwell Denial Of Service Flex I O 1794 Aent B Firmware
NVD
CVSS 3.1
7.5
EPSS
3.6%
CVE-2020-6083 HIGH POC This Week

An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen-Bradley Flex IO 1794-AENT/B. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Rockwell Denial Of Service Allen Bradley Flex Io 1794 Aent B Firmware
NVD
CVSS 3.1
7.5
EPSS
3.5%
CVE-2020-8350 HIGH This Week

An authentication bypass vulnerability was reported in Lenovo ThinkPad Stack Wireless Router firmware version 1.1.3.4 that could allow escalation of privilege. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Lenovo Privilege Escalation Authentication Bypass Thinkpad Stack Wireless Router Firmware
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2020-9746 HIGH This Week

Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Null Pointer Dereference Denial Of Service Flash Player
NVD
CVSS 3.1
8.8
EPSS
4.4%
CVE-2020-0416 HIGH PATCH This Week

In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Privilege Escalation Android
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2020-7330 HIGH This Week

Privilege Escalation vulnerability in McAfee Total Protection (MTP) trial prior to 4.0.176.1 allows local users to schedule tasks which call malicious software to execute with elevated privileges via. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Total Protection
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2020-7383 HIGH This Week

A SQL Injection issue in Rapid7 Nexpose version prior to 6.6.49 that may have allowed an authenticated user with a low permission level to access resources & make changes they should not have been. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Nexpose
NVD
CVSS 3.1
8.1
EPSS
1.1%
CVE-2020-8345 HIGH This Week

A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature prior to version 1.0.46.11 that could allow escalation of privilege. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Lenovo Privilege Escalation Hardware Scan
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-8338 HIGH PATCH This Week

A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Lenovo Information Disclosure Diagnostics
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-3427 HIGH This Week

The Windows Logon installer prior to 4.1.2 did not properly validate file installation paths. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Duo Authentication For Windows Logon And Rdp
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0423 HIGH This Week

In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Use After Free Privilege Escalation Memory Corruption Android +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-0421 HIGH PATCH This Week

In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0420 HIGH PATCH This Week

In setUpdatableDriverPath of GpuService.cpp, there is a possible memory corruption due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2020-0408 HIGH This Week

In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Buffer Overflow Privilege Escalation Integer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-25188 HIGH This Week

An attacker who convinces a valid user to open a specially crafted project file to exploit could execute code under the privileges of the application due to an out-of-bounds read vulnerability on the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure SCADA
NVD
CVSS 3.1
7.8
EPSS
1.9%
CVE-2020-0413 HIGH PATCH This Week

In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-0377 HIGH This Week

In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
7.5
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy