Skip to main content
CVE-2020-11853 HIGH POC THREAT Act Now

Arbitrary code execution vulnerability affecting multiple Micro Focus products. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Operation Bridge Manager Operations Bridge Manager Universal Cmbd Foundation Application Performance Management +3
NVD GitHub
CVSS 3.1
8.8
EPSS
77.0%
CVE-2020-15906 CRITICAL POC PATCH THREAT Act Now

tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure PHP Tiki
NVD
CVSS 3.1
9.8
EPSS
27.4%
CVE-2020-18129 HIGH POC This Week

A CSRF vulnerability in Eyoucms v1.2.7 allows an attacker to add an admin account via login.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Eyoucms
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2020-24033 HIGH POC This Week

An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF S3900 24T4S Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.0%
CVE-2020-26649 HIGH POC This Week

AtomXCMS 2.0 is affected by Incorrect Access Control via admin/dump.php. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Atomxcms 2
NVD GitHub
CVSS 3.1
8.1
EPSS
0.7%
CVE-2020-15684 CRITICAL Act Now

Mozilla developers reported memory safety bugs present in Firefox 81. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Buffer Overflow Memory Corruption RCE Use After Free +1
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2020-15683 CRITICAL Act Now

Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Mozilla Buffer Overflow Memory Corruption RCE Use After Free +5
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2020-27664 CRITICAL PATCH Act Now

admin/src/containers/InputModalStepperProvider/index.js in Strapi before 3.2.5 has unwanted /proxy?url= functionality. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Strapi
NVD GitHub
CVSS 3.1
9.8
EPSS
2.3%
CVE-2020-9898 CRITICAL Act Now

This issue was addressed with improved entitlements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2020-27619 CRITICAL PATCH Act Now

In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Python Information Disclosure Fedora Communications Cloud Native Core Network Function Cloud Native Environment
NVD GitHub
CVSS 3.1
9.8
EPSS
8.3%
CVE-2020-27533 MEDIUM POC This Month

A Cross Site Scripting (XSS) issue was discovered in the search feature of DedeCMS v.5.8 that allows malicious users to inject code into web pages, and other users will be affected when viewing web. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Dedecms
NVD GitHub Exploit-DB
CVSS 3.1
5.4
EPSS
3.5%
CVE-2020-26650 MEDIUM POC This Month

AtomXCMS 2.0 is affected by Arbitrary File Read via admin/dump.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Atomxcms
NVD GitHub
CVSS 3.1
5.3
EPSS
1.0%
CVE-2020-9920 CRITICAL Act Now

A path handling issue was addressed with improved validation. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Path Traversal Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
9.1
EPSS
1.8%
CVE-2020-9906 CRITICAL Act Now

A memory corruption issue was addressed with improved input validation. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
9.1
EPSS
4.7%
CVE-2020-9868 CRITICAL Act Now

A certificate validation issue existed when processing administrator added certificates. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2020-27195 CRITICAL PATCH Act Now

HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Hashicorp Information Disclosure Nomad
NVD GitHub
CVSS 3.1
9.1
EPSS
1.5%
CVE-2020-27621 MEDIUM POC This Month

The FileImporter extension in MediaWiki through 1.35.0 was not properly attributing various user actions to a specific user's IP address. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Mediawiki
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2020-27671 HIGH PATCH This Week

An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing. Rated high severity (CVSS 7.8).

Denial Of Service Xen Leap Debian Linux Fedora
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-27670 HIGH PATCH This Week

An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU. Rated high severity (CVSS 7.8).

Denial Of Service Amd Xen Leap Fedora +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-10721 HIGH This Week

A flaw was found in the fabric8-maven-plugin 4.0.0 and later. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Deserialization Fabric8 Maven
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2020-9990 HIGH This Week

A race condition was addressed with additional validation. Rated high severity (CVSS 7.8). No vendor patch available.

Race Condition RCE Apple Mac Os X
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-9985 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Ipados Iphone Os +2
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9984 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple RCE Information Disclosure +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9980 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2020-9940 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Ipados Iphone Os +2
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9938 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple RCE Information Disclosure +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9937 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9928 HIGH This Week

Multiple memory corruption issues were addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Mac Os X
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-9927 HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Mac Os X
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-9919 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9904 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9901 HIGH This Week

An issue existed within the path validation logic for symlinks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-9900 HIGH This Week

An issue existed within the path validation logic for symlinks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-9899 HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Mac Os X
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-9892 HIGH This Week

Multiple memory corruption issues were addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9887 HIGH This Week

A memory corruption issue was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Mac Os X
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2020-9883 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Microsoft Apple Icloud +7
NVD
CVSS 3.1
7.8
EPSS
5.7%
CVE-2020-9882 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Ipados Iphone Os +2
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9881 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Ipados Iphone Os +2
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9880 HIGH This Week

A buffer overflow was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Ipados Iphone Os +3
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9879 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-9877 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple RCE Information Disclosure +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9876 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +8
NVD
CVSS 3.1
7.8
EPSS
1.9%
CVE-2020-9875 HIGH This Week

An integer overflow was addressed through improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple RCE Microsoft Integer Overflow Icloud +6
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-9874 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-9873 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Apple RCE Information Disclosure +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9872 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9871 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9863 HIGH This Week

A memory initialization issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-9854 HIGH This Week

A logic issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
0.4%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy