Security Vulnerabilities - CVEs Published In January 2020
install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter.
CVSS Score
9.8
EPSS Score
0.885
Published
2020-01-27
Local file inclusion in WebCalendar before 1.2.5.
CVSS Score
8.8
EPSS Score
0.008
Published
2020-01-27
Pinboard 1.0.6 theme for Wordpress has XSS.
CVSS Score
5.4
EPSS Score
0.002
Published
2020-01-27
IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability
CVSS Score
9.6
EPSS Score
0.008
Published
2020-01-27
XnView 2.03 has a stack-based buffer overflow vulnerability
CVSS Score
9.8
EPSS Score
0.004
Published
2020-01-27
XnView 2.03 has an integer overflow vulnerability
CVSS Score
9.8
EPSS Score
0.004
Published
2020-01-27
WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability
CVSS Score
9.1
EPSS Score
0.012
Published
2020-01-27
Wiz 5.0.3 has a user mode write access violation
CVSS Score
7.5
EPSS Score
0.003
Published
2020-01-27
OSSIM before 4.3.3.1 has tele_compress.php path traversal vulnerability
CVSS Score
7.5
EPSS Score
0.004
Published
2020-01-27
Proxmox VE prior to 3.2: 'AccessControl.pm' User Enumeration Vulnerability
CVSS Score
5.3
EPSS Score
0.002
Published
2020-01-27