Skip to main content
CVE-2020-11800 CRITICAL Act Now

Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Zabbix Backports Sle Leap Debian Linux
NVD
CVSS 3.1
9.8
EPSS
9.2%
CVE-2020-15175 CRITICAL PATCH Act Now

In GLPI before version 9.5.2, the `​pluginimage.send.php​` endpoint allows a user to specify an image from a plugin. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal PHP Information Disclosure Glpi
NVD GitHub
CVSS 3.1
9.1
EPSS
71.4%
CVE-2020-13347 CRITICAL Act Now

A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Microsoft Docker Gitlab Path Traversal
NVD
CVSS 3.1
9.1
EPSS
2.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy