Skip to main content
CVE-2020-10703 MEDIUM POC PATCH This Month

A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Libvirt
NVD
CVSS 3.1
6.5
EPSS
2.4%
CVE-2020-13228 MEDIUM POC This Month

An issue was discovered in Sysax Multi Server 6.90. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Multi Server
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
3.1%
CVE-2020-10959 MEDIUM POC PATCH This Month

resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Open Redirect Mediawiki
NVD
CVSS 3.1
6.1
EPSS
1.4%
CVE-2020-13227 MEDIUM POC This Month

An issue was discovered in Sysax Multi Server 6.90. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Multi Server
NVD GitHub
CVSS 3.1
5.3
EPSS
1.9%
CVE-2020-13754 MEDIUM PATCH This Month

hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Qemu Ubuntu Linux Debian Linux
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2020-13775 MEDIUM PATCH This Month

ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Null Pointer Dereference Denial Of Service Znc Fedora
NVD GitHub
CVSS 3.1
6.5
EPSS
1.8%
CVE-2020-13762 MEDIUM This Month

In Joomla!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Joomla
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-13761 MEDIUM This Month

In Joomla!. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Joomla
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-4503 MEDIUM PATCH This Month

IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Planning Analytics Local
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-4366 MEDIUM PATCH This Month

IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Planning Analytics Local
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-13401 MEDIUM PATCH This Month

An issue was discovered in Docker Engine before 19.03.11. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Docker Engine Fedora Debian Linux +1
NVD GitHub
CVSS 3.1
6.0
EPSS
2.8%
CVE-2020-4431 MEDIUM PATCH This Month

IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Planning Analytics Local
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-4360 MEDIUM PATCH This Month

IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Planning Analytics Local
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-10136 MEDIUM This Month

IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Nx Os Ucs Manager Saros X3220Nr Firmware +2
NVD
CVSS 3.1
5.3
EPSS
28.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy