Skip to main content
CVE-2020-7611 CRITICAL POC PATCH Act Now

All versions of io.micronaut:micronaut-http-client before 1.2.11 and all versions from 1.3.0 before 1.3.2 are vulnerable to HTTP Request Header Injection due to not validating request headers passed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Request Smuggling Code Injection Micronaut
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2020-11105 CRITICAL POC Act Now

An issue was discovered in USC iLab cereal through 1.3.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cereal
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2020-5723 CRITICAL POC Act Now

The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Ucm6202 Firmware Ucm6204 Firmware Ucm6208 Firmware
NVD
CVSS 3.1
9.8
EPSS
5.7%
CVE-2020-10374 CRITICAL Act Now

A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Prtg Network Monitor
NVD
CVSS 3.1
9.8
EPSS
4.7%
CVE-2020-7610 CRITICAL PATCH Act Now

All versions of bson before 1.1.4 are vulnerable to Deserialization of Untrusted Data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Deserialization Bson
NVD
CVSS 3.1
9.8
EPSS
2.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy