Skip to main content
CVE-2020-7656 MEDIUM POC PATCH This Month

jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Jquery Peoplesoft Enterprise Peopletools Active Iq Unified Manager Cloud Backup +3
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
6.3%
CVE-2020-6956 MEDIUM POC This Month

PCS DEXICON 3.4.1 allows XSS via the loginName parameter in login_action.jsp. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dexicon Enterprise
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-8617 MEDIUM POC PATCH THREAT This Month

Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Denial Of Service Bind Debian Linux Fedora Leap +1
NVD GitHub Exploit-DB
CVSS 3.1
5.9
EPSS
93.4%
CVE-2020-10135 MEDIUM POC This Month

Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing. Rated medium severity (CVSS 5.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bluetooth Core Leap
NVD
CVSS 3.1
5.4
EPSS
2.4%
CVE-2020-8021 MEDIUM POC This Month

a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Open Build Service Debian Linux
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-7137 MEDIUM This Month

A validation issue in HPE Superdome Flex's RMC component may allow local elevation of privilege. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Superdome Flex Server Firmware
NVD
CVSS 3.1
6.7
EPSS
0.3%
CVE-2020-10723 MEDIUM PATCH This Month

A memory corruption issue was found in DPDK versions 17.05 and above. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Data Plane Development Kit Ubuntu Linux Fedora +3
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-10722 MEDIUM PATCH This Month

A vulnerability was found in DPDK versions 18.05 and above. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Buffer Overflow Integer Overflow Data Plane Development Kit Ubuntu Linux Fedora +3
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-2024 MEDIUM PATCH This Month

An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Information Disclosure Runtime
NVD GitHub
CVSS 3.1
6.5
EPSS
0.4%
CVE-2020-4286 MEDIUM PATCH This Month

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

IBM CSRF Infosphere Information Server Infosphere Information Server On Cloud
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-10134 MEDIUM This Month

Pairing in Bluetooth® Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the unauthenticated user initiates. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Bluetooth Core
NVD
CVSS 3.1
6.3
EPSS
0.7%
CVE-2020-11845 MEDIUM This Month

Cross Site Scripting vulnerability in Micro Focus Service Manager product. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Service Manager
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-12038 MEDIUM PATCH This Month

Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Eds Subsystem Rslinx Rslinx Enterprise Rsnetworx +1
NVD
CVSS 3.1
5.5
EPSS
2.5%
CVE-2020-4298 MEDIUM PATCH This Month

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Infosphere Information Server Infosphere Information Server On Cloud
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-4412 MEDIUM This Month

The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service security vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service IBM Spectrum Scale
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-10724 MEDIUM PATCH This Month

A vulnerability was found in DPDK versions 18.11 and above. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Information Disclosure Integer Overflow Data Plane Development Kit Ubuntu Linux Fedora
NVD
CVSS 3.1
4.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy