Skip to main content
CVE-2020-1983 MEDIUM POC PATCH This Month

A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. Public exploit code available.

Use After Free Denial Of Service Memory Corruption Libslirp Fedora +3
NVD
CVSS 3.1
6.5
EPSS
2.3%
CVE-2020-8831 MEDIUM POC This Month

Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Ubuntu Linux Apport
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2020-7642 MEDIUM POC PATCH This Month

lazysizes through 5.2.0 allows execution of malicious JavaScript. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Lazysizes
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2020-8833 MEDIUM POC This Month

Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. Rated medium severity (CVSS 4.7). Public exploit code available and no vendor patch available.

Privilege Escalation Ubuntu Linux Apport
NVD
CVSS 3.1
4.7
EPSS
0.3%
CVE-2020-11649 MEDIUM This Month

An issue was discovered in GitLab CE and EE 8.15 through 12.9.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Authentication Bypass
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-4085 MEDIUM This Month

"HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user.". Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Connections
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-11689 MEDIUM This Month

In JetBrains TeamCity before 2019.2.1, a user without appropriate permissions was able to import settings from the settings.kts file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Teamcity
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-11416 MEDIUM This Month

JetBrains Space through 2020-04-22 allows stored XSS in Chats. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Space
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-11938 MEDIUM This Month

In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Teamcity
NVD
CVSS 3.1
4.9
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy