Skip to main content
CVE-2020-8961 CRITICAL Act Now

An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection Free Antivirus
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2020-10631 CRITICAL Act Now

An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions prior to 3.0.2) control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Webaccess Nms
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2020-10625 CRITICAL Act Now

WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remote user to create a new admin account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Webaccess Nms
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-10621 CRITICAL Act Now

Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions prior to 3.0.2). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Webaccess Nms
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-11656 CRITICAL PATCH Act Now

In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Sqlite Ontap Select Deploy Administration Utility +10
NVD
CVSS 3.1
9.8
EPSS
7.4%
CVE-2020-10619 CRITICAL Act Now

An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions prior to 3.0.2) control. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Webaccess Nms
NVD
CVSS 3.1
9.1
EPSS
14.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy