Skip to main content
CVE-2020-7607 CRITICAL POC Act Now

gulp-styledocco through 0.0.3 allows execution of arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Gulp Styledocco
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-7606 CRITICAL POC Act Now

docker-compose-remote-api through 0.1.4 allows execution of arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Docker Docker Compose Remote Api
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2020-7605 CRITICAL POC Act Now

gulp-tape through 1.0.0 allows execution of arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Gulp Tape
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-7604 CRITICAL POC Act Now

pulverizr through 0.7.0 allows execution of arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Pulverizr
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-7603 CRITICAL POC Act Now

closure-compiler-stream through 0.1.15 allows execution of arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Closure Compiler Stream
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-7602 CRITICAL POC Act Now

node-prompt-here through 1.0.1 allows execution of arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Node Prompt Here
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-7601 CRITICAL POC Act Now

gulp-scss-lint through 1.0.0 allows execution of arbitrary commands. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Gulp Scss Lint
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2020-0086 CRITICAL Act Now

In readCString of Parcel.cpp, there is a possible out of bounds write due to an integer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow RCE Integer Overflow Android
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2020-10594 CRITICAL PATCH Act Now

An issue was discovered in drf-jwt 1.15.x before 1.15.1. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Python Authentication Bypass Django Rest Framework Json Web Tokens
NVD GitHub
CVSS 3.1
9.1
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy