Skip to main content
CVE-2020-8129 CRITICAL POC PATCH Act Now

An unintended require vulnerability in script-manager npm package version 0.8.6 and earlier may allow attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js RCE Code Injection Script Manager
NVD
CVSS 3.1
9.8
EPSS
2.9%
CVE-2020-8128 CRITICAL POC PATCH Act Now

An unintended require and server-side request forgery vulnerabilities in jsreport version 2.5.0 and earlier allow attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE SSRF Jsreport
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2020-6068 HIGH POC This Week

An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG pngread parser of the Accusoft ImageGear 19.5.0 library. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow RCE Memory Corruption Imagegear
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2020-8594 MEDIUM POC This Month

The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninja_forms[recaptcha_site_key], ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang], or. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Ninja Forms
NVD
CVSS 3.1
5.4
EPSS
1.2%
CVE-2020-8612 CRITICAL PATCH Act Now

In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, a REST API endpoint failed to adequately sanitize malicious input, which could allow an authenticated attacker to. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS RCE Moveit Transfer
NVD
CVSS 3.1
9.0
EPSS
1.7%
CVE-2020-8858 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MGate 5105-MB-EIP firmware version 4.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Mgate 5105 Mb Eip Firmware Mgate 5105 Mb Eip T Firmware
NVD
CVSS 3.1
8.8
EPSS
7.4%
CVE-2020-8611 HIGH This Week

In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, multiple SQL Injection vulnerabilities have been found in the REST API that could allow an authenticated attacker to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Microsoft Authentication Bypass Moveit Transfer
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2020-8857 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption RCE Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
6.1%
CVE-2020-8856 HIGH This Week

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25608. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption RCE Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
19.8%
CVE-2020-8855 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.2947. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption RCE Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
6.1%
CVE-2020-8854 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
6.1%
CVE-2020-8853 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
6.0%
CVE-2020-8851 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
6.0%
CVE-2020-8850 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
6.0%
CVE-2020-8849 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
6.0%
CVE-2020-8848 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
6.1%
CVE-2020-8847 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
6.1%
CVE-2020-8846 HIGH This Week

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption RCE Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
19.8%
CVE-2020-8845 HIGH This Week

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption RCE Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
19.5%
CVE-2020-8844 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Integer Overflow Reader Phantompdf
NVD
CVSS 3.1
7.8
EPSS
31.5%
CVE-2020-8843 HIGH PATCH This Week

An issue was discovered in Istio 1.3 through 1.3.6. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Istio
NVD GitHub
CVSS 3.1
7.4
EPSS
1.1%
CVE-2020-7251 MEDIUM This Month

Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Endpoint Security
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-8992 MEDIUM PATCH This Month

ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Linux Denial Of Service Linux Kernel Ubuntu Linux Leap +7
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-5532 MEDIUM This Month

ilbo App (ilbo App for Android prior to version 1.1.8 and ilbo App for iOS prior to version 1.2.01) allows an attacker on the same network segment to bypass authentication and to view the images. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Authentication Bypass Apple Ilbo
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2020-8852 LOW Monitor

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.7.0.29455. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Reader Phantompdf
NVD
CVSS 3.1
3.3
EPSS
4.2%
CVE-2020-8991 LOW Monitor

vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages memory, leading to an lvmetad memory leak, as demonstrated by running pvs. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Red Hat Lvm2
NVD
CVSS 3.1
2.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy