Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2020
CVE-2020-24629
A remote urlaccesscontroller authentication bypass vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS Score
9.8
EPSS Score
0.003
Published
2020-10-19
CVE-2020-24630
A remote operatoronlinelist_content privilege escalation vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS Score
8.8
EPSS Score
0.004
Published
2020-10-19
CVE-2020-24646
A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS Score
9.8
EPSS Score
0.039
Published
2020-10-19
CVE-2020-24647
A remote accessmgrservlet classname input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).
CVSS Score
9.8
EPSS Score
0.008
Published
2020-10-19
CVE-2020-16158
GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerability in GPMF_ExpandComplexTYPE(). Parsing malicious input can result in a crash or potentially arbitrary code execution.
CVSS Score
8.8
EPSS Score
0.009
Published
2020-10-19
CVE-2020-16159
GoPro gpmf-parser 1.5 has a heap out-of-bounds read and segfault in GPMF_ScaledData(). Parsing malicious input can result in a crash or information disclosure.
CVSS Score
9.1
EPSS Score
0.004
Published
2020-10-19
CVE-2020-16160
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Decompress(). Parsing malicious input can result in a crash.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-10-19
CVE-2020-16161
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_ScaledData(). Parsing malicious input can result in a crash.
CVSS Score
7.5
EPSS Score
0.007
Published
2020-10-19
CVE-2020-26891
AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS due to unsafe interpolation of the session GET parameter. This allows a remote attacker to execute an XSS attack on the domain Synapse is hosted on, by supplying the victim user with a malicious URL to the /_matrix/client/r0/auth/*/fallback/web or /_matrix/client/unstable/auth/*/fallback/web Synapse endpoints.
CVSS Score
6.1
EPSS Score
0.006
Published
2020-10-19
CVE-2020-24265
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-10-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved