Skip to main content
CVE-2020-5344 CRITICAL Act Now

Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Dell Idrac7 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
3.7%
CVE-2020-6008 CRITICAL Act Now

LifterLMS Wordpress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload WordPress RCE Lifterlms
NVD
CVSS 3.1
9.8
EPSS
3.8%
CVE-2020-4208 CRITICAL PATCH Act Now

IBM Spectrum Protect Plus 10.1.0 through 10.1.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

IBM Authentication Bypass Spectrum Protect Plus
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2020-10595 CRITICAL PATCH Act Now

pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow RCE Pam Krb5 Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
4.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy