Skip to main content
CVE-2020-27903 HIGH This Week

This issue was addressed by removing the vulnerable code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-10017 HIGH This Week

An out-of-bounds write was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9999 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Memory Corruption Apple RCE +7
NVD
CVSS 3.1
7.8
EPSS
8.5%
CVE-2020-9996 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Apple Ipados +2
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2020-9981 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Memory Corruption Apple RCE +8
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9972 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Ipad Os Iphone Os +2
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9966 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-9965 HIGH This Week

An out-of-bounds read was addressed with improved input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +4
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9954 HIGH This Week

A buffer overflow issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple Ipados Iphone Os +3
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-9949 HIGH This Week

A use after free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Memory Corruption Apple RCE Use After Free +5
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-10016 HIGH This Week

A memory corruption issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Memory Corruption Apple Ipados +5
NVD
CVSS 3.1
7.8
EPSS
1.6%
CVE-2020-10013 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
1.3%
CVE-2020-10011 HIGH This Week

An out-of-bounds read was addressed with improved bounds checking. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple RCE Information Disclosure Ipados +3
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2020-10010 HIGH This Week

A path handling issue was addressed with improved validation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Apple Path Traversal Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-10004 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2020-10003 HIGH This Week

An issue existed within the path validation logic for symlinks. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-9991 HIGH This Week

This issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Apple Icloud Ipados +4
NVD
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-25692 HIGH PATCH This Week

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Openldap Enterprise Linux Cloud Backup +1
NVD
CVSS 3.1
7.5
EPSS
2.2%
CVE-2020-25630 HIGH PATCH This Week

A vulnerability was found in Moodle where the decompressed size of zip files was not checked against available user quota before unzipping them, which could lead to a denial of service risk. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Moodle
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2020-27758 LOW POC Monitor

A flaw was found in ImageMagick in coders/txt.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27757 LOW POC Monitor

A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Red Hat Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27755 LOW POC Monitor

in SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Imagemagick
NVD
CVSS 3.1
3.3
EPSS
0.9%
CVE-2020-27754 LOW POC Monitor

In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-27751 LOW POC Monitor

A flaw was found in ImageMagick in MagickCore/quantum-export.c. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-25675 LOW POC Monitor

In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets was causing undefined behavior in the form of integer. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.1%
CVE-2020-25666 LOW POC Monitor

There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Integer Overflow Imagemagick Debian Linux
NVD
CVSS 3.1
3.3
EPSS
1.2%
CVE-2020-9922 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2020-9849 MEDIUM This Month

An information disclosure issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Microsoft Information Disclosure Icloud Itunes +4
NVD
CVSS 3.1
6.5
EPSS
2.1%
CVE-2020-10014 MEDIUM This Month

A parsing issue in the handling of directory paths was addressed with improved path validation. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Path Traversal Mac Os X macOS
NVD
CVSS 3.1
6.3
EPSS
1.1%
CVE-2020-10012 MEDIUM This Month

An access issue was addressed with improved access restrictions. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Mac Os X macOS
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-25631 MEDIUM PATCH This Month

A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4 and 3.7 to 3.7.7 where it was possible to include JavaScript in a book's chapter title, which was not escaped on the "Add new chapter". Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Moodle
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-25628 MEDIUM PATCH This Month

The filter in the tag manager required extra sanitizing to prevent a reflected XSS risk. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Moodle
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-27821 MEDIUM PATCH This Month

A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Denial Of Service Memory Corruption Qemu Debian Linux
NVD
CVSS 3.1
6.0
EPSS
0.4%
CVE-2020-1971 MEDIUM PATCH This Month

The X.509 GeneralName type is a generic type for representing different types of names. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

OpenSSL Denial Of Service Null Pointer Dereference Debian Linux Fedora +41
NVD VulDB
CVSS 3.1
5.9
EPSS
0.3%
CVE-2020-26253 MEDIUM PATCH This Month

Kirby is a CMS. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Kirby Panel
NVD GitHub
CVSS 3.1
5.9
EPSS
0.6%
CVE-2020-27822 MEDIUM PATCH This Month

A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Wildfly
NVD
CVSS 3.1
5.9
EPSS
1.1%
CVE-2020-27896 MEDIUM This Month

A path handling issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Path Traversal Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2020-27950 MEDIUM KEV THREAT This Month

A memory initialization issue was addressed. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os macOS +1
NVD
CVSS 3.1
5.5
EPSS
16.5%
CVE-2020-27929 MEDIUM This Month

A logic issue existed in the handling of Group FaceTime calls. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Iphone Os
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2020-27925 MEDIUM This Month

An issue existed in the handling of incoming calls. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-27900 MEDIUM This Month

An issue existed in the handling of snapshots. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2020-27898 MEDIUM This Month

A denial of service issue was addressed with improved state handling. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple macOS
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2020-9989 MEDIUM This Month

The issue was addressed with improved deletion. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-9988 MEDIUM This Month

The issue was addressed with improved deletion. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-9977 MEDIUM This Month

A validation issue existed in the entitlement verification. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2020-9974 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
5.5
EPSS
1.2%
CVE-2020-9969 MEDIUM This Month

An access issue was addressed with additional sandbox restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X +2
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-9963 MEDIUM This Month

The issue was addressed with improved handling of icon caches. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Ipados Iphone Os Mac Os X
NVD
CVSS 3.1
5.5
EPSS
1.0%
CVE-2020-9944 MEDIUM This Month

An out-of-bounds read was addressed with improved bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +3
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-9943 MEDIUM This Month

An out-of-bounds read was addressed with improved bounds checking. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Ipados Iphone Os +3
NVD
CVSS 3.1
5.5
EPSS
1.1%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy