Skip to main content
CVE-2020-5143 MEDIUM This Month

SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sonicos Sonicosv
NVD
CVSS 3.1
5.3
EPSS
1.6%
CVE-2020-4740 MEDIUM PATCH This Month

IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML injection. Rated medium severity (CVSS 5.2), this vulnerability is no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Infosphere Information Server
NVD
CVSS 3.1
5.2
EPSS
0.7%
CVE-2020-4678 MEDIUM PATCH This Month

IBM Security Guardium 11.2 could allow an attacker with admin access to obtain and read files that they normally would not have access to. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Security Guardium
NVD
CVSS 3.1
4.9
EPSS
1.2%
CVE-2020-13341 MEDIUM This Month

An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Memory Corruption Information Disclosure
NVD
CVSS 3.1
4.9
EPSS
1.2%
CVE-2020-4679 MEDIUM PATCH This Month

IBM Security Guardium 11.2 is vulnerable to cross-site scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Security Guardium
NVD
CVSS 3.1
4.8
EPSS
0.6%
CVE-2020-9110 MEDIUM This Month

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an information disclosure vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Taurus An00B Firmware
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2020-9109 MEDIUM This Month

There is an information disclosure vulnerability in several smartphones. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Authentication Bypass Information Disclosure Mate 20 Firmware Mate 20 X Firmware +4
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2020-9106 MEDIUM This Month

HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Huawei Path Traversal P30 Pro Firmware
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2020-13943 MEDIUM PATCH This Month

If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Apache Tomcat Information Disclosure Debian Linux Instantis Enterprisetrack +1
NVD
CVSS 3.1
4.3
EPSS
57.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy