Skip to main content
CVE-2020-11998 CRITICAL PATCH Act Now

A regression has been introduced in the commit preventing JMX re-bind. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Java RCE Oracle Activemq +6
NVD
CVSS 3.1
9.8
EPSS
51.2%
CVE-2020-8758 CRITICAL Act Now

Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Intel Standard Manageability Active Management Technology Firmware Steelstore Cloud Integrated Storage
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2020-9732 CRITICAL PATCH Act Now

The AEM Forms add-on for versions 6.5.5.0 (and below) and 6.4.8.2 (and below) are affected by a stored XSS vulnerability that allows users with 'Author' privileges to store malicious scripts in. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Experience Manager Experience Manager Forms
NVD
CVSS 3.1
9.0
EPSS
2.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy