Skip to main content
CVE-2020-12762 HIGH POC This Week

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Json C Fedora Debian Linux +2
NVD GitHub
CVSS 3.1
7.8
EPSS
1.9%
CVE-2020-12766 CRITICAL Act Now

Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via the exemplaryStatusId parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Gnuteca
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2020-12637 CRITICAL Act Now

Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zulip Desktop
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2020-12771 MEDIUM POC PATCH This Month

An issue was discovered in the Linux kernel through 5.6.11. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Linux Information Disclosure Linux Kernel Debian Linux Leap +21
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2020-12769 MEDIUM POC PATCH This Month

An issue was discovered in the Linux kernel before 5.4.17. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Linux Information Disclosure Linux Kernel Debian Linux Ubuntu Linux +20
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2020-12764 MEDIUM POC This Month

Gnuteca 3.8 allows file.php?folder=/&file= Directory Traversal. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Gnuteca
NVD GitHub
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-12761 CRITICAL PATCH Act Now

modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Imlib2
NVD
CVSS 3.1
9.1
EPSS
1.6%
CVE-2020-12770 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel through 5.6.11. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Linux Information Disclosure Linux Kernel Fedora Ubuntu Linux +20
NVD
CVSS 3.1
6.7
EPSS
0.6%
CVE-2020-12768 MEDIUM PATCH This Month

An issue was discovered in the Linux kernel before 5.6. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Memory Leak vulnerability could allow attackers to exhaust available memory leading to denial of service.

Linux Information Disclosure Linux Kernel Ubuntu Linux Debian Linux
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-12767 MEDIUM PATCH This Month

exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Libexif Debian Linux Ubuntu Linux Leap
NVD GitHub
CVSS 3.1
5.5
EPSS
0.5%
CVE-2020-12765 MEDIUM This Month

Solis Miolo 2.0 allows index.php?module=install&action=view&item= Directory Traversal. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Path Traversal Miolo
NVD GitHub
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-12755 LOW PATCH Monitor

fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Kio Extras
NVD
CVSS 3.1
3.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy