Skip to main content
CVE-2020-8147 CRITICAL POC Act Now

Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js RCE Denial Of Service Utils Extend
NVD
CVSS 3.1
9.8
EPSS
3.1%
CVE-2020-8638 CRITICAL POC PATCH Act Now

A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in planUrgency.php via the urgency parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi PHP Testlink
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2020-8637 CRITICAL POC PATCH Act Now

A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in dragdroptreenodes.php via the node_id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

SQLi PHP Testlink
NVD GitHub
CVSS 3.1
9.8
EPSS
2.9%
CVE-2020-6994 CRITICAL Act Now

A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS and HiSecOS. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Hirschmann Hios Hirschmann Hisecos
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-10599 CRITICAL Act Now

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow a vulnerable ActiveX component to be exploited resulting in a buffer overflow, which may lead to a denial-of-service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Vbase Editor Vbase Web Remote
NVD
CVSS 3.1
9.8
EPSS
2.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy