Skip to main content
CVE-2020-27894 MEDIUM This Month

The issue was addressed with additional user controls. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2020-10009 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-10007 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-10006 MEDIUM This Month

This issue was addressed with improved entitlements. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Mac Os X
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2020-10002 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple Icloud Itunes +5
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-25677 MEDIUM PATCH This Month

A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Ceph Ansible Ceph Storage
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-14207 MEDIUM This Month

The DiveBook plugin 1.1.4 for WordPress was prone to a SQL injection within divelog.php, allowing unauthenticated users to retrieve data from the database via the divelog.php filter_diver parameter. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress SQLi PHP Divebook
NVD
CVSS 3.1
5.3
EPSS
1.4%
CVE-2020-26234 MEDIUM PATCH This Month

Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable.

Java Information Disclosure Opencast
NVD GitHub
CVSS 3.1
4.8
EPSS
0.3%
CVE-2020-27902 MEDIUM This Month

An authentication issue was addressed with improved state management. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados Iphone Os
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2020-9993 MEDIUM This Month

The issue was addressed with improved UI handling. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Safari Ipados Iphone Os +1
NVD
CVSS 3.1
4.3
EPSS
1.1%
CVE-2020-9987 MEDIUM This Month

An inconsistent user interface issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Safari
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2020-9945 MEDIUM This Month

A spoofing issue existed in the handling of URLs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Safari Mac Os X
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2020-9942 MEDIUM This Month

An inconsistent user interface issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apple Safari Mac Os X
NVD
CVSS 3.1
4.3
EPSS
1.2%
CVE-2020-27895 LOW Monitor

An information disclosure issue existed in the transition of program state. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Apple Itunes
NVD
CVSS 3.1
3.3
EPSS
0.6%
CVE-2020-27818 LOW Monitor

A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Pngcheck Extra Packages For Enterprise Linux Fedora +1
NVD
CVSS 3.1
3.3
EPSS
1.2%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy