Skip to main content
CVE-2020-8424 HIGH POC This Week

Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account takeover via passwordmychange.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Cups Easy
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
1.5%
CVE-2020-8417 HIGH POC THREAT This Week

The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress CSRF Code Snippets
NVD
CVSS 3.1
8.8
EPSS
11.9%
CVE-2020-8112 HIGH POC This Week

opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Memory Corruption Openjpeg Debian Linux
NVD GitHub
CVSS 3.1
8.8
EPSS
3.6%
CVE-2020-5227 HIGH POC PATCH This Week

Feedgen (python feedgen) before 0.9.0 is susceptible to XML Denial of Service attacks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Python Feedgen
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2020-5215 HIGH POC PATCH This Week

In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Python Tensorflow
NVD GitHub
CVSS 3.1
7.5
EPSS
0.6%
CVE-2020-7799 HIGH POC THREAT This Week

An issue was discovered in FusionAuth before 1.11.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Apache Information Disclosure Fusionauth
NVD
CVSS 3.1
7.2
EPSS
19.8%
CVE-2020-8420 HIGH This Week

An issue was discovered in Joomla!. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Joomla
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2020-8419 HIGH This Week

An issue was discovered in Joomla!. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Joomla
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2020-7998 HIGH This Week

An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Super File Explorer
NVD GitHub
CVSS 3.1
8.8
EPSS
1.5%
CVE-2020-5210 HIGH PATCH This Week

In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow RCE Privilege Escalation Nethack
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-5209 HIGH PATCH This Week

In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow RCE Privilege Escalation Nethack
NVD GitHub
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-1940 HIGH PATCH This Week

The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Jackrabbit Oak
NVD
CVSS 3.1
7.5
EPSS
4.5%
CVE-2020-5523 HIGH This Week

Android App 'MyPallete' and some of the Android banking applications based on 'MyPallete' do not verify X.509 certificates from servers, and also do not properly validate certificates with. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Google Information Disclosure 77 Bank Ashigin Dogin +6
NVD
CVSS 3.1
7.4
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy