Security Vulnerabilities - CVEs Published In 2020
This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. QANP have already fixed this vulnerability in the following versions of Music Station. QuTS hero h4.5.1: Music Station 5.3.13 and later QTS 4.5.1: Music Station 5.3.12 and later QTS 4.4.3: Music Station 5.3.12 and later
CVSS Score
6.1
EPSS Score
0.003
Published
2020-12-10
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 build 20200702 and later QTS 4.3.6.1333 build 20200608 and later QTS 4.3.4.1368 build 20200703 and later QTS 4.3.3.1315 build 20200611 and later QTS 4.2.6 build 20200611 and later
CVSS Score
6.1
EPSS Score
0.003
Published
2020-12-10
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 build 20200702 and later QTS 4.3.6.1333 build 20200608 and later QTS 4.3.4.1368 build 20200703 and later QTS 4.3.3.1315 build 20200611 and later QTS 4.2.6 build 20200611 and later
CVSS Score
6.1
EPSS Score
0.003
Published
2020-12-10
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in System Connection Logs. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 build 20200702 and later QTS 4.3.6.1333 build 20200608 and later QTS 4.3.4.1368 build 20200703 and later QTS 4.3.3.1315 build 20200611 and later QTS 4.2.6 build 20200611 and later
CVSS Score
6.1
EPSS Score
0.003
Published
2020-12-10
Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack.
CVSS Score
7.5
EPSS Score
0.007
Published
2020-12-10
Microsoft Exchange Server Information Disclosure Vulnerability
CVSS Score
8.8
EPSS Score
0.811
Published
2020-12-10
CVE-2020-17144
Microsoft Exchange Remote Code Execution Vulnerability
Known exploited
CVSS Score
8.4
EPSS Score
0.929
Published
2020-12-10
Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
CVSS Score
5.4
EPSS Score
0.007
Published
2020-12-10
Dynamics CRM Webclient Cross-site Scripting Vulnerability
CVSS Score
8.7
EPSS Score
0.007
Published
2020-12-10
Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.049
Published
2020-12-10