Skip to main content
CVE-2020-11066 CRITICAL PATCH Act Now

In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, calling unserialize() on malicious user-submitted content can lead to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Typo3
NVD GitHub
CVSS 3.1
10.0
EPSS
1.5%
CVE-2020-10620 CRITICAL Act Now

Opto 22 SoftPAC Project Version 9.6 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Softpac Project
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2020-0221 CRITICAL Act Now

Airbrush FW's scratch memory allocator is susceptible to numeric overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Buffer Overflow Android
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2020-0103 CRITICAL PATCH Act Now

In a2dp_aac_decoder_cleanup of a2dp_aac_decoder.cc, there is a possible invalid free due to memory corruption. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google RCE Buffer Overflow Android
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-12874 CRITICAL Act Now

Veritas APTARE versions prior to 10.4 included code that bypassed the normal login process when specific authentication credentials were provided to the server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aptare
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2020-11973 CRITICAL PATCH Act Now

Apache Camel Netty enables Java deserialization by default. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Java Deserialization Camel Communications Diameter Signaling Router +2
NVD
CVSS 3.1
9.8
EPSS
6.6%
CVE-2020-11972 CRITICAL PATCH Act Now

Apache Camel RabbitMQ enables Java deserialization by default. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Java Deserialization Camel Communications Diameter Signaling Router +2
NVD
CVSS 3.1
9.8
EPSS
5.5%
CVE-2020-10612 CRITICAL Act Now

Opto 22 SoftPAC Project Version 9.6 and prior. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Softpac Project
NVD
CVSS 3.1
9.1
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy