Skip to main content
CVE-2017-15681 CRITICAL PATCH Act Now

In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists which allows unauthenticated attackers to overwrite files from the operating system which can lead to RCE. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Crafter Cms
NVD VulDB
CVSS 3.1
9.8
EPSS
2.1%
CVE-2020-26245 CRITICAL PATCH Act Now

npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Node.js Command Injection Systeminformation
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2020-25014 CRITICAL Act Now

A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Zyxel Memory Corruption RCE Zld +1
NVD
CVSS 3.1
9.8
EPSS
4.3%
CVE-2020-27745 CRITICAL PATCH Act Now

Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Slurm Debian Linux
NVD
CVSS 3.1
9.8
EPSS
2.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy