Skip to main content
CVE-2020-15033 MEDIUM This Month

NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP Nedi
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-15032 MEDIUM This Month

NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP Nedi
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-15031 MEDIUM This Month

NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP Nedi
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-15030 MEDIUM This Month

NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP Nedi
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-15029 MEDIUM This Month

NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP Nedi
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-15028 MEDIUM This Month

NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS PHP Nedi
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-15517 MEDIUM PATCH This Month

The ke_search (aka Faceted Search) extension through 2.8.2, and 3.x through 3.1.3, for TYPO3 allows XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Faceted Search
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-15516 MEDIUM This Month

The mm_forum extension through 1.9.5 for TYPO3 allows XSS that can be exploited via CSRF. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS CSRF Mm Forum
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2020-15514 MEDIUM PATCH This Month

The jh_captcha extension through 2.1.3, and 3.x through 3.0.2, for TYPO3 allows XSS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jh Captcha
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-15581 MEDIUM This Month

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung Information Disclosure Android
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2020-15525 MEDIUM This Month

GitLab EE 11.3 through 13.1.2 has Incorrect Access Control because of the Maven package upload endpoint. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
1.1%
CVE-2020-15513 MEDIUM PATCH This Month

The typo3_forum extension before 1.2.1 for TYPO3 has Incorrect Access Control. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Typo3 Forum
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2020-15095 MEDIUM PATCH This Month

Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. Rated medium severity (CVSS 4.4).

Node.js Information Disclosure npm Leap Fedora
NVD GitHub
CVSS 3.1
4.4
EPSS
0.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy