Skip to main content
CVE-2020-35262 MEDIUM POC This Month

Cross Site Scripting (XSS) vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and "Keyword" in URL Filter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dg Hr3400 Firmware
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
1.1%
CVE-2021-21236 MEDIUM POC PATCH This Month

CairoSVG is a Python (pypi) package. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Python Denial Of Service Cairosvg
NVD GitHub
CVSS 3.1
5.5
EPSS
1.5%
CVE-2020-25498 MEDIUM POC This Month

Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and "Keyword" in URL Filter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS 777vr1 Firmware
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
1.1%
CVE-2021-21235 MEDIUM PATCH This Month

kamadak-exif is an exif parsing library written in pure Rust. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Kamadak Exif
NVD GitHub
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-27283 MEDIUM This Month

An attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119.001) that could leak arbitrary memory locations. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Crimson
NVD VulDB
CVSS 3.1
5.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy