Skip to main content
CVE-2020-26266 MEDIUM POC PATCH This Month

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. Public exploit code available.

RCE Tensorflow
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2020-26268 MEDIUM POC PATCH This Month

In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Python Tensorflow
NVD GitHub
CVSS 3.1
4.4
EPSS
0.2%
CVE-2020-17099 MEDIUM PATCH This Month

Windows Lock Screen Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Authentication Bypass Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
6.8
EPSS
1.1%
CVE-2020-17117 MEDIUM PATCH This Month

Microsoft Exchange Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable.

RCE Microsoft Exchange Server
NVD
CVSS 3.1
6.6
EPSS
48.9%
CVE-2020-17133 MEDIUM PATCH This Month

Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Dynamics Nav
NVD
CVSS 3.1
6.5
EPSS
3.7%
CVE-2020-17130 MEDIUM PATCH This Month

Microsoft Excel Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Microsoft Authentication Bypass 365 Apps Excel
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2020-17119 MEDIUM PATCH This Month

Microsoft Outlook Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure 365 Apps Office Outlook
NVD
CVSS 3.1
6.5
EPSS
4.1%
CVE-2020-16996 MEDIUM PATCH This Month

Kerberos Security Feature Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Windows Server 2012 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2020-17135 MEDIUM PATCH This Month

Azure DevOps Server Spoofing Vulnerability. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Azure Devops Server
NVD
CVSS 3.1
6.4
EPSS
1.2%
CVE-2020-7339 MEDIUM This Month

Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Database Security
NVD
CVSS 3.1
6.3
EPSS
0.2%
CVE-2020-2498 MEDIUM This Month

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quts Hero Qts
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2020-2497 MEDIUM This Month

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in System Connection Logs. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quts Hero Qts
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-2496 MEDIUM This Month

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quts Hero Qts
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-2495 MEDIUM This Month

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Quts Hero Qts
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-2494 MEDIUM This Month

This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Music Station
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-2493 MEDIUM This Month

This cross-site scripting vulnerability in Multimedia Console allows remote attackers to inject malicious code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Multimedia Console
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-2491 MEDIUM This Month

This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Photo Station
NVD
CVSS 3.1
6.1
EPSS
1.0%
CVE-2020-24444 MEDIUM This Month

AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Experience Manager Forms Add On
NVD
CVSS 3.1
5.8
EPSS
2.1%
CVE-2020-27350 MEDIUM This Month

APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Integer Overflow Advanced Package Tool Solidfire Baseboard Management Controller Firmware
NVD
CVSS 3.1
5.7
EPSS
0.4%
CVE-2020-17138 MEDIUM PATCH This Month

Windows Error Reporting Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-17126 MEDIUM PATCH This Month

Microsoft Excel Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure 365 Apps Excel Office +2
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2020-17098 MEDIUM PATCH This Month

Windows GDI+ Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2020-17094 MEDIUM PATCH This Month

Windows Error Reporting Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
5.5
EPSS
1.4%
CVE-2020-26407 MEDIUM This Month

A XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Gitlab
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2020-17145 MEDIUM PATCH This Month

Azure DevOps Server and Team Foundation Services Spoofing Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Team Foundation Server Azure Devops Server
NVD
CVSS 3.1
5.4
EPSS
1.4%
CVE-2020-29666 MEDIUM This Month

In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-listing vulnerability, a remote attacker can view log files, located in /websocket/logs/, that contain a user's cookie values and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure M3 Atm Monitoring System
NVD GitHub
CVSS 3.1
5.3
EPSS
1.4%
CVE-2020-17120 MEDIUM PATCH This Month

Microsoft SharePoint Information Disclosure Vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Microsoft Information Disclosure Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
5.3
EPSS
3.0%
CVE-2020-12595 MEDIUM This Month

An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Symantec Messaging Gateway
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2020-17153 MEDIUM PATCH This Month

Microsoft Edge for Android Spoofing Vulnerability. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Microsoft Information Disclosure Edge
NVD
CVSS 3.1
4.3
EPSS
2.1%
CVE-2020-17131 MEDIUM PATCH This Month

Chakra Scripting Engine Memory Corruption Vulnerability. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Edge Chakracore
NVD
CVSS 3.1
4.2
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy