Skip to main content
CVE-2020-8267 MEDIUM PATCH This Month

A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using “x-token” improperly, allowing attackers to use the API to. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Ubiquiti Authentication Bypass Unifi Protect Firmware
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2020-7761 MEDIUM PATCH This Month

This affects the package @absolunet/kafe before 3.2.10. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Kafe
NVD GitHub
CVSS 3.1
5.3
EPSS
1.6%
CVE-2020-24431 MEDIUM This Month

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Apple Acrobat Acrobat Dc +2
NVD
CVSS 3.1
4.4
EPSS
1.6%
CVE-2020-5944 MEDIUM This Month

In BIG-IQ 7.1.0, accessing the DoS Summary events and DNS Overview pages in the BIG-IQ system interface returns an error message due to disabled Grafana reverse proxy in web service configuration. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Grafana Information Disclosure Big Iq Centralized Management
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2020-24438 LOW Monitor

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability that could result in a memory. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Use After Free Memory Corruption Information Disclosure Acrobat +3
NVD
CVSS 3.1
3.3
EPSS
3.8%
CVE-2020-24434 LOW Monitor

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Acrobat Acrobat Dc +2
NVD
CVSS 3.1
3.3
EPSS
3.0%
CVE-2020-24427 LOW Monitor

Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an input validation vulnerability when decoding a crafted codec. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Acrobat Acrobat Dc Acrobat Reader +1
NVD
CVSS 3.1
3.3
EPSS
2.4%
CVE-2020-24426 LOW Monitor

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Adobe Information Disclosure Acrobat Acrobat Dc +2
NVD
CVSS 3.1
3.3
EPSS
3.0%
CVE-2020-24439 LOW PATCH Monitor

Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a security feature bypass. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity.

Adobe Jwt Attack Authentication Bypass Apple Acrobat +3
NVD
CVSS 3.1
2.8
EPSS
0.6%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy