Skip to main content
CVE-2020-17466 CRITICAL POC Act Now

Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by visiting manage/control.php and ignoring 302 Redirect responses. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Trcwifizone
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2020-11552 CRITICAL POC Act Now

An elevation of privilege vulnerability exists in ManageEngine ADSelfService Plus before build 6003 because it does not properly enforce user privileges associated with a Certificate dialog. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Zoho Privilege Escalation Microsoft Manageengine Adselfservice Plus
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
7.4%
CVE-2020-0253 CRITICAL Act Now

There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152647365. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Memory Corruption Google Use After Free +1
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2020-0252 CRITICAL Act Now

There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152236803. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Memory Corruption Google Use After Free +1
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2020-17368 CRITICAL Act Now

Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Firejail Debian Linux Fedora Leap
NVD GitHub
CVSS 3.1
9.8
EPSS
4.1%
CVE-2020-0260 CRITICAL Act Now

There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152225183. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Information Disclosure Android
NVD
CVSS 3.1
9.1
EPSS
0.5%
CVE-2020-14324 CRITICAL Act Now

A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Red Hat Cloudforms Management Engine
NVD
CVSS 3.1
9.1
EPSS
2.5%
CVE-2020-14325 CRITICAL Act Now

Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Impersonation authorization flaw which allows malicious attacker to create existent and non-existent role-based access control user, with. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Red Hat Cloudforms
NVD
CVSS 3.1
9.1
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy