Skip to main content
CVE-2020-7760 HIGH POC PATCH This Week

This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache Denial Of Service Codemirror Application Express Enterprise Manager Express User Interface +3
NVD GitHub
CVSS 3.1
7.5
EPSS
5.2%
CVE-2020-15276 HIGH PATCH This Week

baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Basercms
NVD GitHub
CVSS 3.1
8.7
EPSS
1.0%
CVE-2020-15273 HIGH PATCH This Week

baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS File Upload Basercms
NVD GitHub
CVSS 3.1
8.1
EPSS
1.0%
CVE-2020-5991 HIGH This Week

NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow RCE Nvidia Information Disclosure +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2020-4588 HIGH PATCH This Week

IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

File Upload RCE IBM I2 Ibase
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-4584 HIGH PATCH This Week

IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure I2 Ibase
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2020-15277 HIGH PATCH This Week

baserCMS before version 4.4.1 is affected by Remote Code Execution (RCE). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

File Upload RCE PHP Basercms
NVD GitHub
CVSS 3.1
7.2
EPSS
2.2%
CVE-2020-7759 HIGH PATCH This Week

The package pimcore/pimcore from 6.7.2 and before 6.8.3 are vulnerable to SQL Injection in data classification functionality in ClassificationstoreController. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

SQLi Pimcore
NVD GitHub
CVSS 3.1
7.2
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy