Skip to main content
CVE-2020-11698 CRITICAL POC THREAT Emergency

An issue was discovered in Titan SpamTitan 7.07. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection PHP Spamtitan
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
73.7%
CVE-2020-25489 CRITICAL POC PATCH Act Now

A heap overflow in Sqreen PyMiniRacer (aka Python Mini Racer) before 0.3.0 allows remote attackers to potentially exploit heap corruption. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Memory Corruption Python Python Mini Racer
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%
CVE-2020-24753 CRITICAL POC PATCH Act Now

A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before 2020-08-12 could allow an attacker to execute code via crafted Concise Binary Object Representation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Objective Open Cbor Run Time
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
CVE-2020-15182 CRITICAL POC PATCH Act Now

The SOY Inquiry component of SOY CMS is affected by Cross-site Request Forgery (CSRF) and Remote Code Execution (RCE). Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE CSRF Path Traversal Soy Cms Soy Inquiry
NVD GitHub
CVSS 3.1
9.6
EPSS
1.2%
CVE-2020-8028 CRITICAL POC Act Now

A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Authentication Bypass Salt Netapi Client
NVD
CVSS 3.1
9.3
EPSS
0.4%
CVE-2020-0333 CRITICAL Act Now

In UrlQuerySanitizer, there is a possible improper input validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google RCE Android
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2020-25216 CRITICAL Act Now

yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Yed
NVD
CVSS 3.1
9.8
EPSS
2.4%
CVE-2020-25215 CRITICAL Act Now

yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Yed
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2020-0380 CRITICAL PATCH Act Now

In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Google Memory Corruption RCE Android
NVD
CVSS 3.1
9.8
EPSS
2.8%
CVE-2020-0342 CRITICAL Act Now

There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812576. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Memory Corruption Android
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2020-0278 CRITICAL Act Now

There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812574. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Memory Corruption Android
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2020-0229 CRITICAL Act Now

There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-156333725. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Memory Corruption Android
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2020-0123 CRITICAL Act Now

There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-149871374. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Google Memory Corruption Android
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2020-13169 CRITICAL Act Now

Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Information Disclosure Orion Platform
NVD
CVSS 3.1
9.0
EPSS
2.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy