Skip to main content
CVE-2020-12078 HIGH POC PATCH This Week

An issue was discovered in Open-AudIT 3.3.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Command Injection PHP Open Audit
NVD GitHub
CVSS 3.1
8.8
EPSS
10.0%
CVE-2020-7644 HIGH POC This Week

fun-map through 3.3.1 is vulnerable to Prototype Pollution. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure Fun Map
NVD GitHub
CVSS 3.1
8.1
EPSS
1.2%
CVE-2020-12243 HIGH POC PATCH This Week

In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Openldap Debian Linux Leap Ubuntu Linux +14
NVD
CVSS 3.1
7.5
EPSS
4.4%
CVE-2020-11014 HIGH PATCH This Week

Electron-Cash-SLP before version 3.6.2 has a vulnerability. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Electron Cash Slp
NVD GitHub
CVSS 3.1
8.6
EPSS
1.6%
CVE-2020-12103 HIGH This Week

In Tiny File Manager 2.4.1 there is a vulnerability in the ajax file backup copy functionality which allows authenticated users to create backup copies of files (with .bak extension) outside the. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Tiny File Manager
NVD GitHub
CVSS 3.1
7.7
EPSS
1.5%
CVE-2020-12102 HIGH This Week

In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in the ajax recursive directory listing functionality. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Tiny File Manager
NVD GitHub
CVSS 3.1
7.7
EPSS
1.8%
CVE-2020-10663 HIGH PATCH This Week

The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Json Fedora Leap Debian Linux +1
NVD
CVSS 3.1
7.5
EPSS
6.8%
CVE-2020-10641 HIGH This Week

An unprotected logging route may allow an attacker to write endless log statements into the database without space limits or authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ignition Gateway
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-5567 HIGH This Week

Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Garoon
NVD
CVSS 3.1
7.5
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy