Latest Medium Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2020-09-15 CVE-2020-14362 Integer Overflow OR Wraparound vulnerability in X.Org Xorg-Server
A flaw was found in X.Org Server before xorg-x11-server 1.20.9.
local
low complexity
x-org
CWE-190
4.6
2020-09-15 CVE-2020-14361 Integer Overflow OR Wraparound vulnerability in X.Org Xorg-Server
A flaw was found in X.Org Server before xorg-x11-server 1.20.9.
local
low complexity
x-org
CWE-190
4.6
2020-09-15 CVE-2020-14346 Integer Overflow OR Wraparound vulnerability in X.Org Xorg-Server
A flaw was found in xorg-x11-server before 1.20.9.
local
low complexity
x-org
CWE-190
4.6
2020-09-15 CVE-2020-4711 Path Traversal vulnerability in IBM Spectrum Protect Plus
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm
CWE-22
4.0
2020-09-15 CVE-2020-4703 Unrestricted Upload of File With Dangerous Type vulnerability in IBM Spectrum Protect Plus
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server.
network
ibm
CWE-434
6.0
2020-09-15 CVE-2020-4526 Cross-Site Request Forgery (CSRF) vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
ibm
CWE-352
4.3
2020-09-15 CVE-2019-4671 SQL Injection vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to SQL injection.
network
low complexity
ibm
CWE-89
6.5
2020-09-14 CVE-2020-13310 Unspecified vulnerability in Gitlab
A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1.
network
low complexity
gitlab
4.0
2020-09-14 CVE-2020-13306 Allocation of Resources Without Limits OR Throttling vulnerability in Gitlab
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.
network
low complexity
gitlab
CWE-770
5.0
2020-09-14 CVE-2020-13317 Improper Input Validation vulnerability in Gitlab 13.1.0/13.1.1
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8, and 13.3.4.
network
low complexity
gitlab
CWE-20
4.0