CVE-2020-28032
- EPSS 16.12%
- Veröffentlicht 02.11.2020 21:15:30
- Zuletzt bearbeitet 21.11.2024 05:22:14
WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php.
CVE-2020-28033
- EPSS 2.62%
- Veröffentlicht 02.11.2020 21:15:30
- Zuletzt bearbeitet 21.11.2024 05:22:14
WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed.
CVE-2020-28034
- EPSS 1.7%
- Veröffentlicht 02.11.2020 21:15:30
- Zuletzt bearbeitet 21.11.2024 05:22:14
WordPress before 5.5.2 allows XSS associated with global variables.
CVE-2020-28035
- EPSS 4.2%
- Veröffentlicht 02.11.2020 21:15:30
- Zuletzt bearbeitet 21.11.2024 05:22:14
WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.
CVE-2020-28036
- EPSS 5.02%
- Veröffentlicht 02.11.2020 21:15:30
- Zuletzt bearbeitet 21.11.2024 05:22:15
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post.
CVE-2020-28037
- EPSS 7.74%
- Veröffentlicht 02.11.2020 21:15:30
- Zuletzt bearbeitet 21.11.2024 05:22:15
is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution (as well as a denial ...
CVE-2020-14323
- EPSS 0.61%
- Veröffentlicht 29.10.2020 20:15:17
- Zuletzt bearbeitet 21.11.2024 05:03:00
A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.
- EPSS 4.54%
- Veröffentlicht 27.10.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:05:09
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is dis...
- EPSS 4.3%
- Veröffentlicht 23.10.2020 13:15:16
- Zuletzt bearbeitet 21.11.2024 05:20:52
In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can obser...
CVE-2020-27673
- EPSS 0.41%
- Veröffentlicht 22.10.2020 21:15:14
- Zuletzt bearbeitet 21.11.2024 05:21:38
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.