Skip to main content
CVE-2020-24007 CRITICAL POC Act Now

Umanni RH 1.0 does not limit the number of authentication attempts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Human Resources
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2020-14498 CRITICAL Act Now

HMS Industrial Networks AB eCatcher all versions prior to 6.5.5 is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Ecatcher
NVD
CVSS 3.1
10.0
EPSS
2.9%
CVE-2020-15158 CRITICAL PATCH Act Now

In libIEC61850 before version 1.4.3, when a message with COTP message length field with value < 4 is received an integer underflow will happen leading to heap buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Libiec61850
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2020-3446 CRITICAL Act Now

A vulnerability in Cisco Virtual Wide Area Application Services (vWAAS) with Cisco Enterprise NFV Infrastructure Software (NFVIS)-bundled images for Cisco ENCS 5400-W Series and CSP 5000-W Series. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Encs 5406 W Firmware Encs 5408 W Firmware Encs 5412 W Firmware +2
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2020-24653 CRITICAL PATCH Act Now

secure-store in Expo through 2.16.1 on iOS provides the insecure kSecAttrAccessibleAlwaysThisDeviceOnly policy when WHEN_UNLOCKED_THIS_DEVICE_ONLY is used. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Apple Expo
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy