Skip to main content
CVE-2020-11939 CRITICAL POC PATCH Act Now

In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Integer Overflow Ndpi
NVD GitHub
CVSS 3.1
9.8
EPSS
3.3%
CVE-2020-12079 CRITICAL Act Now

Beaker before 0.8.9 allows a sandbox escape, enabling system access and code execution. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Prototype Pollution Beaker
NVD GitHub
CVSS 3.1
10.0
EPSS
2.2%
CVE-2020-4415 CRITICAL PATCH Act Now

IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE IBM Spectrum Protect
NVD
CVSS 3.1
9.8
EPSS
8.1%
CVE-2020-11945 CRITICAL PATCH Act Now

An issue was discovered in Squid before 5.0.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

RCE Integer Overflow Squid Debian Linux Leap +2
NVD GitHub
CVSS 3.1
9.8
EPSS
27.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy