Skip to main content
CVE-2020-12823 CRITICAL POC PATCH Act Now

OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Openconnect Fedora Debian Linux +1
NVD
CVSS 3.1
9.8
EPSS
4.6%
CVE-2020-6242 CRITICAL Act Now

SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2, 2.3, allows an attacker to logon on the Central Management Console without password in case of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Authentication Bypass Businessobjects Business Intelligence Platform
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2020-1939 CRITICAL PATCH Act Now

The Apache NuttX (Incubating) project provides an optional separate "apps" repository which contains various optional components and example programs. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Apache Null Pointer Dereference Denial Of Service Nuttx
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-8159 CRITICAL PATCH Act Now

There is a vulnerability in actionpack_page-caching gem < v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Actionpack Page Caching Debian Linux
NVD
CVSS 3.1
9.8
EPSS
5.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy