Skip to main content
CVE-2020-27172 CRITICAL Act Now

An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure G Data
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2020-35613 CRITICAL Act Now

An issue was discovered in Joomla!. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Joomla
NVD
CVSS 3.1
9.8
EPSS
28.4%
CVE-2020-26030 CRITICAL Act Now

An issue was discovered in Zammad before 3.4.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2020-26290 CRITICAL PATCH Act Now

Dex is a federated OpenID Connect provider written in Go. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Mattermost Jwt Attack Authentication Bypass Dex
NVD GitHub
CVSS 3.1
9.6
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy