Skip to main content
CVE-2020-12502 HIGH POC This Week

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Es7510 Xt Firmware Es8509 Xt Firmware Es8510 Xt Firmware Es9528 Xtv2 Firmware +19
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2020-6108 HIGH POC This Week

An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE F2Fs Tools
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2020-6105 HIGH POC This Week

An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE F2Fs Tools
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2020-25858 HIGH POC This Week

The QCMAP_Web_CLIENT binary in the Qualcomm QCMAP software suite prior to versions released in October 2020 does not validate the return value of a strstr() or strchr() call in the Tokenizer(). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Qualcomm Qualcomm Mobile Access Point
NVD
CVSS 3.1
7.5
EPSS
9.6%
CVE-2020-12503 HIGH POC THREAT This Week

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Es7510 Xt Firmware Es8509 Xt Firmware Es8510 Xt Firmware Es9528 Xtv2 Firmware +24
NVD
CVSS 3.1
7.2
EPSS
23.3%
CVE-2020-27153 HIGH PATCH This Week

In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service RCE Bluez Debian Linux Leap
NVD GitHub VulDB
CVSS 3.1
8.6
EPSS
1.9%
CVE-2020-7591 HIGH This Week

A vulnerability has been identified in SIPORT MP (All versions < 3.2.1). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Siport Mp
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2020-5642 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in Live Chat - Live support version 3.1.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Live Chat Live Support
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2020-7334 HIGH This Week

Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via. Rated high severity (CVSS 8.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Application And Change Control
NVD
CVSS 3.1
8.2
EPSS
0.3%
CVE-2020-27157 HIGH This Week

Veritas APTARE versions prior to 10.5 included code that bypassed the normal login process when specific authentication credentials were provided to the server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Aptare
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2020-6374 HIGH This Week

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Jupiter Tessallation(.jt) file received from untrusted sources which results in crashing of the application and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service SAP 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-6373 HIGH This Week

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service SAP 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-6372 HIGH This Week

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service SAP 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-11637 HIGH This Week

A memory leak in the TFTP service in B&R Automation Runtime versions <N4.26, <N4.34, <F4.45, <E4.53, <D4.63, <A4.73 and prior could allow an unauthenticated attacker with network access to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Automation Runtime
NVD
CVSS 3.1
7.5
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy