Skip to main content
CVE-2020-13620 HIGH POC This Week

Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF via the router administration web panel, leading to an attacker's ability to perform administrative actions such as modifying. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Fastgate Gpon Fga2130Fwb Firmware
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2020-29063 HIGH POC This Week

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure 72408A Firmware 9008A Firmware 9016A Firmware 92408A Firmware +24
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2020-29057 HIGH POC This Week

An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service 72408A Firmware 9008A Firmware 9016A Firmware 92408A Firmware +24
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2020-29040 HIGH This Week

An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data leak, or possibly gain privileges because of an off-by-one. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Xen
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2020-4000 HIGH This Week

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 allows for executing files through directory traversal. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal Sd Wan Orchestrator
NVD
CVSS 3.1
8.8
EPSS
43.0%
CVE-2020-3985 HIGH This Week

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 allows an access to set arbitrary authorization levels leading to a privilege escalation issue. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Sd Wan Orchestrator
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2020-26237 HIGH PATCH This Week

Highlight.js is a syntax highlighter written in JavaScript. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Highlight Js Debian Linux Mysql Enterprise Monitor
NVD GitHub
CVSS 3.1
8.7
EPSS
1.3%
CVE-2020-5674 HIGH This Week

Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Album Print Color Calibration Utility Colorbase Colorio Easy Print +29
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-28331 HIGH This Week

Barco wePresent WiPG-1600W devices have Improper Access Control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wepresent Wipg 1600W Firmware
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2020-26890 HIGH PATCH This Week

Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Synapse Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
3.0%
CVE-2020-25654 HIGH This Week

An ACL bypass flaw was found in pacemaker. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Pacemaker Debian Linux
NVD
CVSS 3.1
7.2
EPSS
2.0%
CVE-2020-4002 HIGH This Week

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 handles system parameters in an insecure way. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Sd Wan Orchestrator
NVD
CVSS 3.1
7.2
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy