Skip to main content
CVE-2020-6061 CRITICAL POC Act Now

An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Coturn Fedora Debian Linux +1
NVD
CVSS 3.1
9.8
EPSS
5.1%
CVE-2020-8441 CRITICAL POC Act Now

JYaml through 1.3 allows remote code execution during deserialization of a malicious payload through the load() function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Deserialization Jyaml
NVD GitHub
CVSS 3.1
9.8
EPSS
5.0%
CVE-2020-6970 CRITICAL Act Now

A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 through. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Openenterprise Scada Server
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2020-3943 CRITICAL Act Now

vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not securely configured. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Vrealize Operations
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2020-3158 CRITICAL Act Now

A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Smart Software Manager On Prem
NVD
CVSS 3.1
9.1
EPSS
2.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy