Skip to main content
CVE-2020-10616 HIGH This Week

Opto 22 SoftPAC Project Version 9.6 and prior. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Softpac Project
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2020-5577 HIGH This Week

Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload PHP Movable Type
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2020-5576 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Movable Type
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2020-11069 HIGH PATCH This Week

In TYPO3 CMS 9.0.0 through 9.5.16 and 10.0.0 through 10.4.1, it has been discovered that the backend user interface and install tool are vulnerable to a same-site request forgery. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS File Upload CSRF Typo3
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-11067 HIGH PATCH This Week

In TYPO3 CMS 9.0.0 through 9.5.16 and 10.0.0 through 10.4.1, it has been discovered that backend user settings (in $BE_USER->uc) are vulnerable to insecure deserialization. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Typo3
NVD GitHub
CVSS 3.1
8.8
EPSS
2.0%
CVE-2020-0110 HIGH PATCH This Week

In psi_write of psi.c, there is a possible out of bounds write due to a missing bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Google Privilege Escalation Memory Corruption Android +139
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-0109 HIGH PATCH This Week

In simulatePackageSuspendBroadcast of NotificationManagerService.java, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Privilege Escalation Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2020-0105 HIGH PATCH This Week

In onKeyguardVisibilityChanged of key_store_service.cpp, there is a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Google Privilege Escalation Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2020-0102 HIGH PATCH This Week

In GattServer::SendResponse of gatt_server.cc, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Google Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2020-0098 HIGH PATCH This Week

In navigateUpToLocked of ActivityStack.java, there is a possible permission bypass due to a confused deputy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-0097 HIGH PATCH This Week

In various methods of PackageManagerService.java, there is a possible permission bypass due to a missing condition for system apps. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Google Privilege Escalation Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-0096 HIGH PATCH This Week

In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-0094 HIGH PATCH This Week

In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Google Privilege Escalation Memory Corruption Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-0024 HIGH PATCH This Week

In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Incorrect Default Permissions vulnerability could allow attackers to access resources due to overly permissive default settings.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-4468 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-4467 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-4422 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-4343 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-4288 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-4287 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-4285 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
2.8%
CVE-2020-4266 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-4264 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-4263 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-4262 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-4261 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-4258 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-4257 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-10626 HIGH This Week

In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Jserialcomm Ecostruxure It Gateway
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-12877 HIGH This Week

Veritas APTARE versions prior to 10.4 allowed sensitive information to be accessible without authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aptare
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-12876 HIGH This Week

Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Aptare
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-11971 HIGH PATCH This Week

Apache Camel's JMX is vulnerable to Rebind Flaw. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Camel Communications Diameter Intelligence Hub Communications Diameter Signaling Router +2
NVD
CVSS 3.1
7.5
EPSS
14.3%
CVE-2020-4265 HIGH This Week

IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE IBM Memory Corruption I2 Analysts Notebook
NVD
CVSS 3.1
7.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy