Skip to main content
CVE-2020-14004 HIGH POC PATCH This Week

An issue was discovered in Icinga2 before v2.12.0-rc1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Icinga Backports Sle Leap
NVD GitHub
CVSS 3.1
7.8
EPSS
0.7%
CVE-2020-9636 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.5 and below have a memory corruption vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
3.9%
CVE-2020-9635 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
4.5%
CVE-2020-9634 HIGH PATCH This Week

Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow RCE Memory Corruption Adobe Framemaker
NVD
CVSS 3.1
8.8
EPSS
4.5%
CVE-2020-10752 HIGH PATCH This Week

A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Information Disclosure Openshift Container Platform
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-9645 HIGH PATCH This Week

Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery (ssrf) vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe SSRF Information Disclosure Experience Manager
NVD
CVSS 3.1
7.5
EPSS
3.3%
CVE-2020-9643 HIGH PATCH This Week

Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe SSRF Information Disclosure Experience Manager
NVD
CVSS 3.1
7.5
EPSS
3.3%
CVE-2020-14048 HIGH This Week

Zoho ManageEngine ServiceDesk Plus before 11.1 build 11115 allows remote unauthenticated attackers to change the installation status of deployed agents. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zoho Authentication Bypass Manageengine Servicedesk Plus
NVD
CVSS 3.1
7.5
EPSS
4.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy