Skip to main content
CVE-2020-13702 CRITICAL POC PATCH Act Now

The Rolling Proximity Identifier used in the Apple/Google Exposure Notification API beta through 2020-05-29 enables attackers to circumvent Bluetooth Smart Privacy because there is a secondary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Google Apple Information Disclosure The Rolling Proximity Identifier
NVD GitHub
CVSS 3.1
10.0
EPSS
2.2%
CVE-2020-13854 CRITICAL POC Act Now

Artica Pandora FMS 7.44 allows privilege escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Pandora Fms
NVD
CVSS 3.1
9.8
EPSS
3.0%
CVE-2020-0217 CRITICAL PATCH Act Now

In RW_T4tPresenceCheck of rw_t4t.cc, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Google Memory Corruption RCE Android
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2020-0201 CRITICAL PATCH Act Now

In showSecurityFields of WifiConfigController.java there is a possible credential leak due to a confused deputy. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Java Privilege Escalation Android
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2020-0138 CRITICAL PATCH Act Now

In get_element_attr_rsp of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Google Memory Corruption RCE Android
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2020-4101 CRITICAL Act Now

"HCL Digital Experience is susceptible to Server Side Request Forgery.". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Hcl Digital Experience
NVD
CVSS 3.1
9.8
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy