Skip to main content
CVE-2020-26238 HIGH POC PATCH This Week

Cron-utils is a Java library to parse, validate, migrate crons as well as get human readable descriptions for them. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Java RCE Cron Utils
NVD GitHub
CVSS 3.1
8.1
EPSS
4.2%
CVE-2020-26243 HIGH POC PATCH This Week

Nanopb is a small code-size Protocol Buffers implementation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Nanopb
NVD GitHub
CVSS 3.1
7.5
EPSS
2.6%
CVE-2020-29074 HIGH PATCH This Week

scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure X11Vnc Fedora Debian Linux
NVD GitHub
CVSS 3.1
8.8
EPSS
1.7%
CVE-2020-14190 HIGH PATCH This Week

Affected versions of Atlassian Fisheye/Crucible allow remote attackers to achieve Regex Denial of Service via user-supplied regex in EyeQL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Atlassian Denial Of Service Crucible Fisheye
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-14191 HIGH PATCH This Week

Affected versions of Atlassian Fisheye/Crucible allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the MessageBundleResource within. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Atlassian Denial Of Service Crucible Fisheye
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-26242 HIGH PATCH This Week

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Go Ethereum
NVD GitHub
CVSS 3.1
7.5
EPSS
1.5%
CVE-2020-26240 HIGH PATCH This Week

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Go Ethereum
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2020-26241 HIGH PATCH This Week

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Canonical Go Ethereum
NVD GitHub
CVSS 3.1
7.1
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy