Skip to main content
CVE-2020-13614 MEDIUM POC This Month

An issue was discovered in ssl.c in Axel before 2.17.8. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Axel Fedora Backports Sle Leap
NVD GitHub
CVSS 3.1
5.9
EPSS
1.9%
CVE-2020-3812 MEDIUM POC This Month

qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Information Disclosure Netqmail Debian Linux Ubuntu Linux
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-13487 MEDIUM POC This Month

The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress PHP Bbpress
NVD
CVSS 3.1
4.8
EPSS
1.4%
CVE-2020-10719 MEDIUM PATCH This Month

A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Request Smuggling Information Disclosure Undertow Oncommand Insight Fuse +5
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-8170 MEDIUM This Month

We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Airos
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-10751 MEDIUM PATCH This Month

A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Information Disclosure Selinux Enterprise Linux Server
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2020-13616 MEDIUM PATCH This Month

The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Pichi
NVD GitHub
CVSS 3.1
5.9
EPSS
0.9%
CVE-2020-13615 MEDIUM PATCH This Month

lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Qore
NVD GitHub
CVSS 3.1
5.9
EPSS
0.6%
CVE-2020-12392 MEDIUM This Month

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Mozilla Path Traversal Firefox Firefox Esr Thunderbird +1
NVD
CVSS 3.1
5.5
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy