Skip to main content
CVE-2020-6450 HIGH POC This Week

Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome +3
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2020-6448 HIGH POC This Week

Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome +4
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2020-6447 HIGH POC This Week

Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Google Information Disclosure Chrome Debian Linux +3
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-6434 HIGH POC This Week

Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome +4
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2020-6430 HIGH POC This Week

Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Memory Corruption Information Disclosure Chrome Fedora +3
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2020-11738 HIGH POC KEV THREAT This Week

The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Path Traversal Duplicator
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
97.8%
CVE-2020-11732 HIGH POC This Week

The Media Library Assistant plugin before 2.82 for Wordpress suffers from a Local File Inclusion vulnerability in mla_gallery link=download. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Information Disclosure Media Library Assistant
NVD
CVSS 3.1
7.5
EPSS
4.9%
CVE-2020-6455 HIGH This Week

Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Chrome Debian Linux +3
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2020-6454 HIGH This Week

Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome +4
NVD
CVSS 3.1
8.8
EPSS
1.4%
CVE-2020-6452 HIGH This Week

Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Memory Corruption Chrome Fedora +2
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-6451 HIGH PATCH This Week

Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Use After Free Denial Of Service Memory Corruption Chrome +3
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2020-6443 HIGH This Week

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google RCE Chrome Debian Linux Fedora +2
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-6439 HIGH This Week

Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass security UI via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Privilege Escalation Chrome Debian Linux Fedora +2
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2020-6436 HIGH This Week

Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome +4
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2020-6423 HIGH This Week

Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Use After Free Denial Of Service Memory Corruption Chrome +4
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2020-9478 HIGH This Week

An issue was discovered in Rubrik 5.0.3-2296. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Command Injection Cdm
NVD
CVSS 3.1
8.8
EPSS
3.1%
CVE-2020-10646 HIGH This Week

Fuji Electric V-Server Lite all versions prior to 4.0.9.0 contains a heap based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow V Server
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-10642 HIGH This Week

In Rockwell Automation RSLinx Classic versions 4.11.00 and prior, an authenticated local attacker could modify a registry key, which could lead to the execution of malicious code using system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Rockwell Information Disclosure Rslinx Classic
NVD
CVSS 3.1
7.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy