Vulnerabilities > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-10	CVE-2020-13238	Resource Exhaustion vulnerability in Mitsubishielectric products Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack consumes excessive CPU time. network low complexity mitsubishielectric CWE-400	7.8
2020-06-10	CVE-2020-12757	Improper Privilege Management vulnerability in Hashicorp Vault 1.4.0/1.4.1/1.4.2 HashiCorp Vault and Vault Enterprise 1.4.0 and 1.4.1, when configured with the GCP Secrets Engine, may incorrectly generate GCP Credentials with the default time-to-live lease duration instead of the engine-configured setting. network low complexity hashicorp CWE-269	7.5
2020-06-10	CVE-2020-2026	Link Following vulnerability in multiple products A malicious guest compromised before a container creation (e.g. local low complexity katacontainers fedoraproject CWE-59	8.8
2020-06-10	CVE-2020-0115	Improper Privilege Management vulnerability in Google Android In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. local low complexity google CWE-269	7.2
2020-06-10	CVE-2020-0114	Improper Privilege Management vulnerability in Google Android 10.0 In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. local low complexity google CWE-269	7.2
2020-06-10	CVE-2020-7675	Improper Input Validation vulnerability in Cd-Messenger Project Cd-Messenger cd-messenger through 2.7.26 is vulnerable to Arbitrary Code Execution. network low complexity cd-messenger-project CWE-20	7.5
2020-06-10	CVE-2020-7674	Improper Input Validation vulnerability in Access-Policy Project Access-Policy 3.0.0/3.1.0 access-policy through 3.1.0 is vulnerable to Arbitrary Code Execution. network low complexity access-policy-project CWE-20	7.5
2020-06-10	CVE-2020-7673	Improper Input Validation vulnerability in Node-Extend Project Node-Extend node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. network low complexity node-extend-project CWE-20	7.5
2020-06-10	CVE-2020-7672	Improper Input Validation vulnerability in Mosc Project Mosc 1.0.0 mosc through 1.0.0 is vulnerable to Arbitrary Code Execution. network low complexity mosc-project CWE-20	7.5
2020-06-10	CVE-2020-7671	HTTP Request Smuggling vulnerability in Goliath Project Goliath goliath through 1.0.6 allows request smuggling attacks where goliath is used as a backend and a frontend proxy also being vulnerable. network low complexity goliath-project CWE-444	7.5

Vulnerabilities > High {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"High"}]}

Vulnerabilities > High