Skip to main content
CVE-2020-7712 HIGH POC PATCH This Week

This affects the package json before 10.0.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Command Injection Json Commerce Guided Search Financial Services Crime And Compliance Management Studio Financial Services Regulatory Reporting With Agilereporter +1
NVD GitHub
CVSS 3.1
7.2
EPSS
3.7%
CVE-2020-8244 MEDIUM POC PATCH This Month

A buffer over-read vulnerability exists in bl <4.0.3, <3.0.1, <2.2.1, and <1.2.3 which could allow an attacker to supply user input (even typed) that if it ends up in consume() argument and can. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bufferlist Debian Linux
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2020-24104 MEDIUM POC This Month

XSS on the PIX-Link Repeater/Router LV-WR07 with firmware v28K.Router.20170904 allows attackers to steal credentials without being connected to the network. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Lv Wr07 Firmware
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-24223 MEDIUM POC THREAT This Month

Mara CMS 7.5 allows cross-site scripting (XSS) in contact.php via the theme or pagetheme parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Mara Cms
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
14.6%
CVE-2020-14352 HIGH PATCH This Week

A flaw was found in librepo in versions before 1.12.1. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Librepo Backports Sle Leap Fedora
NVD
CVSS 3.1
8.0
EPSS
2.5%
CVE-2020-8097 HIGH This Week

An improper authentication vulnerability in Bitdefender Endpoint Security Tools for Windows and Bitdefender Endpoint Security SDK allows an unprivileged local attacker to escalate privileges or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Endpoint Security Endpoint Security Tools
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-24917 MEDIUM PATCH This Month

osTicket before 1.14.3 allows XSS via a crafted filename to DraftAjaxAPI::_uploadInlineImage() in include/ajax.draft.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Osticket
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy