Skip to main content
CVE-2020-11063 LOW PATCH Monitor

In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Typo3
NVD GitHub
CVSS 3.1
3.7
EPSS
1.2%
CVE-2020-11932 LOW PATCH Monitor

It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity.

Ubuntu Information Disclosure Subiquity
NVD GitHub
CVSS 3.1
2.3
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy