Skip to main content
CVE-2020-23574 MEDIUM POC This Month

When uploading a file in Sysax Multi Server 6.90, an authenticated user can modify the filename="" parameter in the uploadfile_name1.htm form to a length of 368 or more bytes. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Multi Server
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-4648 MEDIUM PATCH This Month

A vulnerability exsists in IBM Planning Analytics 2.0 whereby avatars in Planning Analytics Workspace could be modified by other users without authorization to do so. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Planning Analytics
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-4381 MEDIUM PATCH This Month

IBM Spectrum Scale for IBM Elastic Storage Server 5.3.0 through 5.3.6 could allow an authenticated user to cause a denial of service during deployment or upgrade if GUI specific services are enabled. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Elastic Denial Of Service IBM Elastic Storage Server
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-4653 MEDIUM PATCH This Month

IBM Planning Analytics 2.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Open Redirect Planning Analytics
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-9712 MEDIUM This Month

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a security bypass vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
5.5
EPSS
3.4%
CVE-2020-9703 MEDIUM This Month

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a stack exhaustion vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Denial Of Service Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
5.5
EPSS
2.4%
CVE-2020-9702 MEDIUM This Month

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a stack exhaustion vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Denial Of Service Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
5.5
EPSS
2.4%
CVE-2020-9697 MEDIUM This Month

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a disclosure of sensitive data vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
5.5
EPSS
3.1%
CVE-2020-9696 MEDIUM This Month

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a security bypass vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
5.5
EPSS
2.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy