Skip to main content
CVE-2020-8789 MEDIUM POC This Month

Composr 10.0.30 allows Persistent XSS via a Usergroup name under the Security configuration. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Composr
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-13413 MEDIUM POC This Month

An issue was discovered in Aviatrix Controller before 5.4.1204. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Controller Vpn Client
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2020-13416 MEDIUM This Month

An issue was discovered in Aviatrix Controller before 5.4.1066. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Controller
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2020-7658 MEDIUM PATCH This Month

meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Request Smuggling Information Disclosure Meinheld
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-3314 MEDIUM This Month

A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Advanced Malware Protection For Endpoints
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2020-10711 MEDIUM PATCH This Month

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Linux Null Pointer Dereference Denial Of Service Linux Kernel 3Scale +9
NVD
CVSS 3.1
5.9
EPSS
3.1%
CVE-2020-13397 MEDIUM PATCH This Month

An issue was discovered in FreeRDP before 2.1.1. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Freerdp Ubuntu Linux Debian Linux +1
NVD GitHub
CVSS 3.1
5.5
EPSS
0.5%
CVE-2020-3344 MEDIUM This Month

A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cisco Advanced Malware Protection For Endpoints
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-3343 MEDIUM This Month

A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Cisco Advanced Malware Protection For Endpoints
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-12397 MEDIUM PATCH This Month

By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Mozilla Information Disclosure Thunderbird Ubuntu Linux
NVD
CVSS 3.1
4.3
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy