Skip to main content
CVE-2020-11721 MEDIUM POC This Month

load_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitialized pointer leading to an invalid call to free, which can cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Memory Corruption Libsixel
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-11712 MEDIUM POC This Month

Open Upload through 0.4.3 allows XSS via index.php?action=u and the filename field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Open Upload
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
CVE-2020-11704 MEDIUM POC This Month

An issue was discovered in ProVide (formerly zFTPServer) through 13.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Provide Ftp Server
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-11702 MEDIUM POC This Month

An issue was discovered in ProVide (formerly zFTPServer) through 13.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Provide Ftp Server
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-11714 MEDIUM POC This Month

eten PSG-6528VM 1.1 devices allow XSS via System Contact or System Location. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Psg 6528Vm Firmware
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy