Skip to main content
CVE-2020-16140 MEDIUM POC This Month

The search functionality of the Greenmart theme 2.4.2 for WordPress is vulnerable to XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS WordPress Greenmart
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-27181 MEDIUM This Month

A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Authentication Bypass Publixone
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-27182 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in konzept-ix publiXone before 2020.015 allow remote attackers to inject arbitrary JavaScript or HTML via appletError.jsp, job_jacket_detail.jsp,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Publixone
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-9982 MEDIUM This Month

This issue was addressed with improved checks to prevent unauthorized actions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Apple Music
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2020-9979 MEDIUM This Month

A trust issue was addressed by removing a legacy API. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Tvos
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-6022 MEDIUM This Month

Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Checkpoint Information Disclosure Zonealarm
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-9860 MEDIUM This Month

A custom URL scheme handling issue was addressed with improved input validation. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Safari
NVD
CVSS 3.1
5.4
EPSS
1.0%
CVE-2020-3852 MEDIUM This Month

A logic issue was addressed with improved validation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Safari
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2020-9857 MEDIUM This Month

An issue existed in the parsing of URLs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
4.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy