Skip to main content
CVE-2020-16158 HIGH POC This Week

GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerability in GPMF_ExpandComplexTYPE(). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Gpmf Parser
NVD GitHub
CVSS 3.1
8.8
EPSS
1.9%
CVE-2020-15909 HIGH POC This Week

SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Session Fixation Information Disclosure N Central
NVD
CVSS 3.1
8.8
EPSS
2.2%
CVE-2020-13778 HIGH POC This Week

rConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a forged GET request to lib/ajaxHandlers/ajaxAddTemplate.php or lib/ajaxHandlers/ajaxEditTemplate.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection PHP Rconfig
NVD GitHub
CVSS 3.1
8.8
EPSS
4.2%
CVE-2020-6085 HIGH POC This Week

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Rockwell Denial Of Service Flex I O 1794 Aent
NVD
CVSS 3.1
7.5
EPSS
3.5%
CVE-2020-6084 HIGH POC This Week

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Rockwell Denial Of Service Flex I O 1794 Aent
NVD
CVSS 3.1
7.5
EPSS
3.5%
CVE-2020-24388 HIGH POC This Week

An issue was discovered in the _send_secure_msg() function of yubihsm-shell through 2.0.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Yubihsm Shell Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-24387 HIGH POC This Week

An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Information Disclosure Yubihsm Shell Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-16161 HIGH POC This Week

GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_ScaledData(). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Gpmf Parser
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2020-16160 HIGH POC This Week

GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Decompress(). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Gpmf Parser
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-24266 HIGH POC This Week

An issue was discovered in tcpreplay tcpprep v4.3.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Tcpreplay Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
2.5%
CVE-2020-24265 HIGH POC This Week

An issue was discovered in tcpreplay tcpprep v4.3.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Memory Corruption Tcpreplay Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
2.5%
CVE-2020-7745 HIGH POC This Week

This affects the package MintegralAdSDK before 6.6.0.0. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Mintegraladsdk
NVD
CVSS 3.1
7.1
EPSS
2.6%
CVE-2020-7195 HIGH This Week

A iccselectrules expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2020-7194 HIGH This Week

A perfaddormoddevicemonitor expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7193 HIGH This Week

A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2020-7192 HIGH This Week

A devicethresholdconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7191 HIGH This Week

A devsoftsel expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2020-7190 HIGH This Week

A deviceselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7189 HIGH This Week

A faultflasheventselectfact expression language injectionremote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7188 HIGH This Week

A userselectpagingcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7187 HIGH This Week

A reportpage index expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7186 HIGH This Week

A powershellconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7185 HIGH This Week

A tvxlanlegend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7184 HIGH This Week

A viewbatchtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2020-7183 HIGH This Week

A forwardredirect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7182 HIGH This Week

A sshconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2020-7181 HIGH This Week

A smsrulesdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7180 HIGH This Week

A ictexpertdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2020-7179 HIGH This Week

A thirdpartyperfselecttask expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7178 HIGH This Week

A mediaforaction expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7177 HIGH This Week

A wmiconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7176 HIGH This Week

A viewtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2020-7175 HIGH This Week

A iccselectdymicparam expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.3%
CVE-2020-7174 HIGH This Week

A soapconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-7173 HIGH This Week

A actionselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2020-24630 HIGH This Week

A remote operatoronlinelist_content privilege escalation vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Intelligent Management Center
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-9113 HIGH This Week

HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Bluetooth module. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei Mate 20 Firmware
NVD
CVSS 3.1
8.0
EPSS
0.4%
CVE-2020-9263 HIGH This Week

HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption RCE Use After Free Huawei +2
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-9112 HIGH This Week

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a privilege elevation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Taurus An00B Firmware
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-15822 HIGH This Week

In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Youtrack
NVD
CVSS 3.1
7.3
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy