Skip to main content
CVE-2020-8639 HIGH POC PATCH THREAT This Week

An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

File Upload RCE PHP Testlink
NVD GitHub Exploit-DB
CVSS 3.1
8.8
EPSS
15.9%
CVE-2020-11500 HIGH POC This Week

Zoom Client for Meetings through 4.6.9 uses the ECB mode of AES for video and audio encryption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Meetings
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-7004 HIGH This Week

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow weak or insecure permissions on the VBASE directory resulting in elevation of privileges or malicious effects on the system. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Vbase Editor Vbase Web Remote
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2020-10601 HIGH This Week

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module allow weak hashing algorithm and insecure permissions which may allow a local attacker to bypass the password-protected mechanism. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Vbase Editor Vbase Web Remote
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-4273 HIGH PATCH This Week

IBM Spectrum Scale 4.2 and 5.0 could allow a local unprivileged attacker with intimate knowledge of the enviornment to execute commands as root using specially crafted input. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

IBM Information Disclosure Spectrum Scale
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-7008 HIGH This Week

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow input passed in the URL that is not properly verified before use, which may allow an attacker to read arbitrary files from. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Vbase Editor Vbase Web Remote
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2020-7000 HIGH This Week

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow an unauthenticated attacker to discover the cryptographic key from the web server and gain information about the login and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Vbase Editor Vbase Web Remote
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-11501 HIGH PATCH This Week

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Gnutls Ubuntu Linux Debian Linux Leap +1
NVD
CVSS 3.1
7.4
EPSS
3.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy