Skip to main content
CVE-2020-0022 HIGH POC PATCH This Week

In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Google RCE Buffer Overflow Android Mate 20 Firmware +20
NVD
CVSS 3.1
8.8
EPSS
5.4%
CVE-2020-8800 HIGH This Week

SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection PHP Suitecrm
NVD
CVSS 3.1
8.8
EPSS
2.8%
CVE-2020-3757 HIGH PATCH This Week

Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Adobe RCE Memory Corruption Flash Player Enterprise Linux Desktop +2
NVD
CVSS 3.1
8.8
EPSS
9.8%
CVE-2020-3739 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have a memory corruption vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
3.6%
CVE-2020-3738 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2020-3737 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2020-3736 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2020-3735 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have a heap overflow vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
6.2%
CVE-2020-3734 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have a buffer error vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
4.5%
CVE-2020-3733 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2020-3732 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2020-3731 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have a heap overflow vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
6.2%
CVE-2020-3730 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2020-3729 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2020-3728 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2020-3727 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2020-3726 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2020-3725 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2020-3724 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2020-3723 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2020-3722 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2020-3721 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2020-3720 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2020-5239 HIGH This Week

In Mailu before version 1.7, an authenticated user can exploit a vulnerability in Mailu fetchmail script and gain full access to a Mailu instance. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Docker Authentication Bypass Mailu
NVD GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2020-0564 HIGH PATCH This Week

Improper permissions in the installer for Intel(R) RWC3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Intel Privilege Escalation Microsoft Raid Web Console 3
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0563 HIGH This Week

Improper permissions in the installer for Intel(R) MPSS before version 3.8.6 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Manycore Platform Software Stack
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0562 HIGH PATCH This Week

Improper permissions in the installer for Intel(R) RWC2, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Privilege Escalation Intel Raid Web Console 2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-0561 HIGH This Week

Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Software Guard Extensions Sdk Backports Leap
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-0560 HIGH This Week

Improper permissions in the installer for the Intel(R) Renesas Electronics(R) USB 3.0 Driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Intel Renesas Electronics Usb 3 0 Driver
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-3748 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Adobe Memory Corruption RCE Use After Free +2
NVD
CVSS 3.1
7.8
EPSS
3.6%
CVE-2020-0027 HIGH PATCH This Week

In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of bounds write due to an unexpected switch fallthrough. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Google Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-0026 HIGH PATCH This Week

In Parcel::continueWrite of Parcel.cpp, there is possible memory corruption due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Buffer Overflow Privilege Escalation Memory Corruption Google +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-0015 HIGH PATCH This Week

In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-3759 HIGH PATCH This Week

Adobe Digital Editions versions 4.5.10 and below have a buffer errors vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe Information Disclosure Digital Editions
NVD
CVSS 3.1
7.5
EPSS
4.2%
CVE-2020-3756 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Adobe Information Disclosure Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2020-3755 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2020-3753 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Adobe Information Disclosure Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2020-3747 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2020-3744 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Adobe Information Disclosure Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
7.5
EPSS
8.9%
CVE-2020-3741 HIGH PATCH This Week

Adobe Experience Manager versions 6.5, and 6.4 have an uncontrolled resource consumption vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe Denial Of Service Experience Manager
NVD
CVSS 3.1
7.5
EPSS
3.2%
CVE-2020-8801 HIGH This Week

SuiteCRM through 7.11.11 allows PHAR Deserialization. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Suitecrm
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2020-0030 HIGH PATCH This Week

In binder_thread_release of binder.c, there is a possible use after free due to a race condition. Rated high severity (CVSS 7.0).

Google Race Condition Denial Of Service Privilege Escalation Android
NVD
CVSS 3.1
7.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy