Skip to main content
CVE-2020-13909 CRITICAL PATCH Act Now

The Ignition component before 2.0.5 for Laravel mishandles globals, _get, _post, _cookie, and _env. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ignition
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2020-13910 CRITICAL PATCH Act Now

Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Barebox
NVD
CVSS 3.1
9.1
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy