Skip to main content
CVE-2020-1951 MEDIUM PATCH This Month

A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Apache Denial Of Service Tika Business Process Management Suite Communications Messaging Server +3
NVD
CVSS 3.1
5.5
EPSS
2.8%
CVE-2020-1950 MEDIUM PATCH This Month

A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Apache Denial Of Service Tika Business Process Management Suite Communications Messaging Server +3
NVD
CVSS 3.1
5.5
EPSS
2.9%
CVE-2020-6425 MEDIUM PATCH This Month

Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Authentication Bypass Chrome Debian Linux Fedora +1
NVD
CVSS 3.1
5.4
EPSS
1.2%
CVE-2020-10660 MEDIUM PATCH This Month

HashiCorp Vault and Vault Enterprise versions 0.9.0 through 1.3.3 may, under certain circumstances, have an Entity's Group membership inadvertently include Groups the Entity no longer has permissions. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Privilege Escalation Vault
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2020-8872 MEDIUM This Month

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.1-47117. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Parallels Desktop
NVD
CVSS 3.1
4.4
EPSS
0.5%
CVE-2020-5252 MEDIUM PATCH This Month

The command-line "safety" package for Python has a potential security issue. Rated medium severity (CVSS 4.1). No vendor patch available.

Python Docker Information Disclosure Safety
NVD GitHub
CVSS 3.1
4.1
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy