Skip to main content
CVE-2020-8558 HIGH POC PATCH This Week

The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Kubernetes
NVD GitHub
CVSS 3.1
8.8
EPSS
3.6%
CVE-2020-12845 HIGH POC This Week

Cherokee 0.4.27 to 1.2.104 is affected by a denial of service due to a NULL pointer dereferences. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Cherokee
NVD GitHub
CVSS 3.1
7.5
EPSS
3.2%
CVE-2020-7694 HIGH POC PATCH This Week

This affects all versions of package uvicorn. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Uvicorn
NVD GitHub
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-15953 HIGH POC This Week

LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Code Injection Libetpan Mailcore2 Fedora Debian Linux
NVD GitHub
CVSS 3.1
7.4
EPSS
2.4%
CVE-2020-5611 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in Social Sharing Plugin versions prior to 1.2.10 allows remote attackers to hijack the authentication of administrators via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Social Sharing
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2020-1457 HIGH PATCH This Week

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Microsoft RCE Memory Corruption Windows 10
NVD
CVSS 3.1
7.8
EPSS
12.3%
CVE-2020-1425 HIGH PATCH This Week

A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Windows 10
NVD
CVSS 3.1
7.8
EPSS
9.0%
CVE-2020-15593 HIGH This Week

SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Steelcentral Aternity Agent
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-10609 HIGH This Week

Grundfos CIM 500 v06.16.00 stores plaintext credentials, which may allow sensitive information to be read or allow modification to system settings by someone with access to the device. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cim 500
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-15592 HIGH This Week

SteelCentral Aternity Agent before 11.0.0.120 on Windows allows Privilege Escalation via a crafted file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Path Traversal Steelcentral Aternity Agent
NVD
CVSS 3.1
7.5
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy