Skip to main content
CVE-2020-3811 HIGH POC This Week

qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Netqmail Debian Linux Ubuntu Linux
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2020-8168 HIGH This Week

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Airos
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2020-12387 HIGH This Week

A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Race Condition Denial Of Service Mozilla Firefox Firefox Esr +1
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2020-9046 HIGH This Week

A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Kantech Entrapass
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-12393 HIGH This Week

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Mozilla Command Injection Firefox Firefox Esr +1
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-6830 HIGH This Week

For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Mozilla Information Disclosure Firefox
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2020-12391 HIGH This Week

Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Authentication Bypass Firefox
NVD
CVSS 3.1
7.5
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy