Skip to main content
CVE-2020-1938 CRITICAL POC KEV PATCH THREAT Act Now

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache File Upload RCE Tomcat Geode +19
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
99.3%
CVE-2020-9374 CRITICAL POC THREAT Act Now

On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection TP-Link Tl Wr849N Firmware
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
42.0%
CVE-2020-9366 CRITICAL PATCH Act Now

A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Screen
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2020-4222 CRITICAL PATCH Act Now

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE IBM Command Injection Spectrum Protect
NVD
CVSS 3.1
9.8
EPSS
15.5%
CVE-2020-4213 CRITICAL PATCH Act Now

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE IBM Command Injection Spectrum Protect
NVD
CVSS 3.1
9.8
EPSS
15.5%
CVE-2020-4212 CRITICAL PATCH Act Now

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE IBM Spectrum Protect
NVD
CVSS 3.1
9.8
EPSS
15.0%
CVE-2020-4211 CRITICAL PATCH Act Now

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE IBM Command Injection Spectrum Protect
NVD
CVSS 3.1
9.8
EPSS
71.1%
CVE-2020-4210 CRITICAL PATCH Act Now

IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

RCE IBM Command Injection Spectrum Protect
NVD
CVSS 3.1
9.8
EPSS
15.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy