Skip to main content
CVE-2020-15307 MEDIUM POC This Month

Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS (in the web front end) by leveraging the ability to create a custom field with a crafted field name. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Guardian
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-15401 MEDIUM POC This Month

IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain privileges for file deletion by manipulating malicious flagged file locations with an NTFS junction and an Object Manager symbolic link. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Malware Fighter
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2020-14059 MEDIUM PATCH This Month

An issue was discovered in Squid 5.x before 5.0.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Squid
NVD
CVSS 3.1
6.5
EPSS
4.4%
CVE-2020-5587 MEDIUM This Month

Cybozu Garoon 4.0.0 to 5.0.1 allow remote authenticated attackers to obtain unintended information via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Garoon
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2020-5583 MEDIUM This Month

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to obtain unauthorized Multi-Report's data via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Garoon
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-5581 MEDIUM This Month

Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Garoon
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2020-5969 MEDIUM This Month

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it validates a shared resource before using it, creating a race condition which may lead to denial of service or. Rated medium severity (CVSS 6.3). No vendor patch available.

Race Condition Denial Of Service Nvidia Information Disclosure Virtual Gpu Manager
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2020-15085 MEDIUM PATCH This Month

In Saleor Storefront before version 2.10.3, request data used to authenticate customers was inadvertently cached in the browser's local storage mechanism, including credentials. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Information Disclosure Saleor
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2020-5588 MEDIUM This Month

Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to obtain unintended information via unspecified vectors. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Garoon
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2020-5586 MEDIUM This Month

Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Garoon
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2020-5585 MEDIUM This Month

Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Garoon
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2020-15412 MEDIUM PATCH This Month

An issue was discovered in MISP 2.4.128. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

PHP Authentication Bypass Misp
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.7%
CVE-2020-5973 MEDIUM This Month

NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Nvidia Virtual Gpu Ubuntu Linux
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2020-15400 MEDIUM PATCH This Month

CakePHP before 4.0.6 mishandles CSRF token generation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS CSRF Cakephp
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2020-5582 MEDIUM This Month

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to alter the data for the file attached to Report via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Garoon
NVD
CVSS 3.1
4.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy