Skip to main content
CVE-2020-14196 MEDIUM This Month

In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Recursor
NVD
CVSS 3.1
5.3
EPSS
1.7%
CVE-2020-4355 MEDIUM PATCH This Month

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service, caused by improper handling of Secure Sockets Layer (SSL). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service IBM Microsoft Db2
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2020-6261 MEDIUM This Month

SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection SAP Solution Manager
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2020-14165 MEDIUM This Month

The UniversalAvatarResource.getAvatars resource in Jira Server and Data Center before version 8.9.0 allows remote attackers to obtain information about custom project avatars names via an Improper. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Atlassian Information Disclosure Jira Jira Software Data Center
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2020-4025 MEDIUM This Month

The attachment download resource in Atlassian Jira Server and Data Center The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Atlassian Jira Jira Data Center Jira Server +1
NVD
CVSS 3.1
4.8
EPSS
0.9%
CVE-2020-4387 MEDIUM PATCH This Month

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to obtain sensitive information using a race condition of a symbolic link. Rated medium severity (CVSS 4.7).

Race Condition IBM Microsoft Information Disclosure Db2
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2020-4386 MEDIUM PATCH This Month

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to obtain sensitive information using a race condition of a symbolic link. Rated medium severity (CVSS 4.7).

Race Condition IBM Microsoft Information Disclosure Db2
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2020-4027 MEDIUM PATCH This Month

Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity.

Atlassian Authentication Bypass Confluence Confluence Server
NVD
CVSS 3.1
4.7
EPSS
1.5%
CVE-2020-4414 MEDIUM PATCH This Month

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local attacker to perform unauthorized actions on the system, caused by improper usage. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

Denial Of Service IBM Microsoft Db2
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2020-5905 MEDIUM This Month

In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network > WCCP page, the system does not sanitize all user-provided data before display. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Analytics Big Ip Application Acceleration Manager +7
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2020-4029 MEDIUM This Month

The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center before version 8.5.5, from 8.6.0 before 8.7.2, and from 8.8.0 before 8.8.1 allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Atlassian Information Disclosure Jira Jira Data Center Jira Server +1
NVD
CVSS 3.1
4.3
EPSS
1.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy