Skip to main content
CVE-2020-10948 CRITICAL POC Act Now

Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) 2.0.2 is vulnerable to Remote Command Execution via eval injection, a different issue than CVE-2002-0934. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Alienform2
NVD GitHub
CVSS 3.1
9.8
EPSS
6.7%
CVE-2020-10867 CRITICAL POC Act Now

An issue was discovered in Avast Antivirus before 20. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antivirus
NVD GitHub
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-11455 CRITICAL POC PATCH THREAT Act Now

LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP Path Traversal Limesurvey
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
97.0%
CVE-2020-6009 CRITICAL Act Now

LearnDash Wordpress plugin version below 3.1.6 is vulnerable to Unauthenticated SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress SQLi Learndash
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2020-3850 CRITICAL Act Now

A memory corruption issue was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Mac Os X
NVD
CVSS 3.1
9.8
EPSS
3.2%
CVE-2020-3849 CRITICAL Act Now

A memory corruption issue was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Mac Os X
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-3848 CRITICAL Act Now

A memory corruption issue was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Mac Os X
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-3847 CRITICAL Act Now

An out-of-bounds read was addressed with improved input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Mac Os X
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2020-9769 CRITICAL Act Now

Multiple issues were addressed by updating to version 8.1.1850. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2020-3911 CRITICAL Act Now

A buffer overflow was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-3910 CRITICAL Act Now

A buffer overflow was addressed with improved size validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-3909 CRITICAL Act Now

A buffer overflow was addressed with improved bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Apple Icloud Itunes +6
NVD
CVSS 3.1
9.8
EPSS
3.0%
CVE-2020-7947 CRITICAL Act Now

An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Code Injection Login By Auth0
NVD GitHub
CVSS 3.1
9.8
EPSS
2.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy