Skip to main content
CVE-2020-6547 MEDIUM This Month

Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Google Chrome Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2020-6538 MEDIUM This Month

Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chrome Debian Linux Fedora
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2020-4590 MEDIUM PATCH This Month

IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service IBM Websphere Application Server
NVD
CVSS 3.1
6.5
EPSS
1.2%
CVE-2020-14177 MEDIUM This Month

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Regex-based Denial of Service (DoS) vulnerability in JQL version. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Atlassian Denial Of Service Jira Server
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2020-4731 MEDIUM PATCH This Month

IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Aspera Shares
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2020-15959 MEDIUM This Month

Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Chrome Backports Sle Leap +2
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2020-4315 MEDIUM PATCH This Month

IBM Business Automation Content Analyzer on Cloud 1.0 does not set the secure attribute on authorization tokens or session cookies. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Business Automation Content Analyzer On Cloud
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2020-14180 MEDIUM This Month

Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Atlassian Information Disclosure Jira Service Desk
NVD
CVSS 3.1
4.3
EPSS
0.8%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy