Skip to main content
CVE-2020-11858 HIGH POC Act Now

Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Operations Bridge Operations Bridge Manager
NVD GitHub
CVSS 3.1
7.8
EPSS
2.7%
CVE-2020-23864 HIGH POC This Week

An issue exits in IOBit Malware Fighter version 8.0.2.547. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Malware Fighter
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-7755 HIGH POC This Week

All versions of package dat.gui are vulnerable to Regular Expression Denial of Service (ReDoS) via specifically crafted rgb and rgba values. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Dat Gui
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2020-7754 HIGH POC PATCH This Week

This affects the package npm-user-validate before 1.0.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Node.js Information Disclosure Npm User Validate
NVD GitHub
CVSS 3.1
7.5
EPSS
3.4%
CVE-2020-23945 HIGH POC This Week

A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Victor Cms
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-7753 HIGH POC PATCH This Week

All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim(). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Trim
NVD GitHub
CVSS 3.1
7.5
EPSS
3.7%
CVE-2020-15238 HIGH POC This Week

Blueman is a GTK+ Bluetooth Manager. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Code Injection Blueman Debian Linux Fedora
NVD GitHub Exploit-DB
CVSS 3.1
7.0
EPSS
4.5%
CVE-2020-9932 HIGH This Week

A memory corruption issue was addressed with improved validation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Safari +3
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2020-27890 HIGH This Week

The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Write Attributes No Response message. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Z Stack
NVD GitHub
CVSS 3.1
8.2
EPSS
1.0%
CVE-2020-9973 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +2
NVD
CVSS 3.1
7.8
EPSS
1.9%
CVE-2020-9961 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Icloud +6
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2020-3880 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-3864 HIGH This Week

A logic issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple Icloud Itunes +7
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-3863 HIGH This Week

A memory corruption issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Mac Os X
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-3851 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Apple Mac Os X
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2020-6023 HIGH This Week

Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Checkpoint Privilege Escalation Zonealarm
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-9941 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
7.5
EPSS
2.5%
CVE-2020-9782 HIGH This Week

A parsing issue in the handling of directory paths was addressed with improved path validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Path Traversal Mac Os X
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-9774 HIGH This Week

An issue existed with Siri Suggestions access to encrypted data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2020-27892 HIGH This Week

The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Discover Commands Received Response message or a ZCL Discover Commands. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Z Stack
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2020-27891 HIGH This Week

The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Read Reporting Configuration Response message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Z Stack
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2020-27888 HIGH This Week

An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Ubiquiti Information Disclosure Unifi Meshing Access Point Firmware Unifi Controller Firmware
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2020-8579 HIGH This Week

Clustered Data ONTAP versions 9.7 through 9.7P7 are susceptible to a vulnerability which allows an attacker with access to an intercluster LIF to cause a Denial of Service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Clustered Data Ontap
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-27180 HIGH This Week

konzept-ix publiXone before 2020.015 allows attackers to download files by iterating over the IXCopy fileID parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Publixone
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-15352 HIGH This Week

An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 allows remote authenticated admins to conduct server-side request. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF XXE Connect Secure Pulse Connect Secure Policy Secure +1
NVD
CVSS 3.1
7.2
EPSS
3.2%
CVE-2020-3855 HIGH This Week

An access issue was addressed with improved access restrictions. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
7.1
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy