Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2020
CVE-2020-7527
Incorrect Default Permission vulnerability exists in SoMove (V2.8.1) and prior which could cause elevation of privilege and provide full access control to local system users to SoMove component and services when a SoMove installer script is launched.
CVSS Score
7.8
EPSS Score
0.0
Published
2020-08-31
CVE-2020-20625
Sliced Invoices plugin for WordPress 3.8.2 and earlier allows unauthenticated information disclosure and authenticated SQL injection via core/class-sliced.php.
CVSS Score
7.5
EPSS Score
0.007
Published
2020-08-31
CVE-2020-20626
lara-google-analytics.php in Lara Google Analytics plugin through 2.0.4 for WordPress allows authenticated stored XSS.
CVSS Score
5.4
EPSS Score
0.005
Published
2020-08-31
CVE-2020-20627
The includes/gateways/stripe/includes/admin/admin-actions.php in GiveWP plugin through 2.5.9 for WordPress allows unauthenticated settings change.
CVSS Score
5.3
EPSS Score
0.003
Published
2020-08-31
CVE-2020-24363
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password.
CVSS Score
8.8
EPSS Score
0.061
Published
2020-08-31
CVE-2020-24699
The Chamber Dashboard Business Directory plugin 3.2.8 for WordPress allows XSS.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-08-31
CVE-2020-13463
The flash memory readout protection in Apex Microelectronics APM32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling.
CVSS Score
4.6
EPSS Score
0.001
Published
2020-08-31
CVE-2020-13464
The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU or DMA module.
CVSS Score
4.2
EPSS Score
0.001
Published
2020-08-31
CVE-2020-13465
The security protection in Gigadevice GD32F103 devices allows physical attackers to redirect the control flow and execute arbitrary code via the debug interface.
CVSS Score
6.8
EPSS Score
0.001
Published
2020-08-31
CVE-2020-13466
STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration.
CVSS Score
6.8
EPSS Score
0.001
Published
2020-08-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved