Skip to main content
CVE-2020-35262 MEDIUM POC This Month

Cross Site Scripting (XSS) vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and "Keyword" in URL Filter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dg Hr3400 Firmware
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-21236 MEDIUM POC PATCH This Month

CairoSVG is a Python (pypi) package. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Python Denial Of Service Cairosvg
NVD GitHub
CVSS 3.1
5.5
EPSS
1.5%
CVE-2020-27285 CRITICAL Act Now

The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be able to read and modify the database without authentication. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Crimson
NVD VulDB
CVSS 3.1
9.1
EPSS
0.2%
CVE-2020-25498 MEDIUM POC This Month

Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and "Keyword" in URL Filter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS 777vr1 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
1.1%
CVE-2020-27279 HIGH This Week

A NULL pointer deference vulnerability has been identified in the protocol converter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Crimson
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2021-21235 MEDIUM PATCH This Month

kamadak-exif is an exif parsing library written in pure Rust. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Kamadak Exif
NVD GitHub
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-27283 MEDIUM This Month

An attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119.001) that could leak arbitrary memory locations. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Crimson
NVD VulDB
CVSS 3.1
5.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy