Skip to main content
CVE-2020-8141 HIGH POC PATCH This Week

The dot package v1.1.2 uses Function() to compile templates. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Dot
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2020-10589 HIGH POC This Week

v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/config.json is owned by a low-privileged user but contains commands that are executed as root, after v2rayL.service is. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation V2Rayl
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-10588 HIGH POC This Week

v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation V2Rayl
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-9290 HIGH This Week

An Unsafe Search Path vulnerability in FortiClient for Windows online installer 6.2.3 and below may allow a local attacker with control over the directory in which FortiClientOnlineInstaller.exe and. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Fortinet RCE Microsoft Forticlient Forticlient Virtual Private Network
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-9287 HIGH This Week

An Unsafe Search Path vulnerability in FortiClient EMS online installer 6.2.1 and below may allow a local attacker with control over the directory in which FortiClientEMSOnlineInstaller.exe resides. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Fortinet RCE Forticlient Emergency Management Server
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-10591 HIGH PATCH This Week

An issue was discovered in Walmart Labs Concord before 1.44.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Concord
NVD GitHub
CVSS 3.1
7.5
EPSS
2.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy