CVEs from 2020
Total
3,794
critical
critical 206
high
high 563
medium
medium 744
low
low 60
% Critical
5.4%
% with KEV
3.8%
% with exploit
5.4%
Top vendors
- oracle 476
- schneider-electric 139
- siemens 103
- netapp 28
- arista 15
- rockwellautomation 9
- fasterxml 8
- kubernetes 8
Top products
- retail_xstore_point_of_service 33
- banking_digital_experience 30
- primavera_unifier 29
- retail_service_backbone 15
- financial_services_institutional_performance_analytics 13
- insurance_policy_administration_j2ee 11
- communications_network_charging_and_control 10
- enterprise_manager_base_platform 10
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-14305 | unknown | — | — | — | An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated… | |||
| CVE-2020-14404 | unknown | — | — | — | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings. | |||
| CVE-2020-6554 | unknown | — | — | — | Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. | |||
| CVE-2020-15663 | unknown | — | — | — | If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. Although the Mozilla Maintenance Serv… | |||
| CVE-2020-6553 | unknown | — | — | — | Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-15436 | unknown | — | — | — | Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. | |||
| CVE-2020-22284 | unknown | — | — | — | A buffer overflow vulnerability in the zepif_linkoutput() function of Free Software Foundation lwIP git head version and version 2.1.2 allows attackers to access sensitive information via a crafted 6… | |||
| CVE-2020-15852 | unknown | — | — | — | An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs b… | |||
| CVE-2020-6453 | unknown | — | — | — | Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-15996 | unknown | — | — | — | Use after free in passwords in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||
| CVE-2020-15998 | unknown | — | — | — | Use after free in USB in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||
| CVE-2020-16011 | unknown | — | — | — | Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted … | |||
| CVE-2020-16045 | unknown | — | — | — | Use after Free in Payments in Google Chrome on Android prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted H… | |||
| CVE-2020-1699 | unknown | — | — | — | A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. An unauthenticated a… | |||
| CVE-2020-1700 | unknown | — | — | — | A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent … | |||
| CVE-2020-1759 | unknown | — | — | — | A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, whic… | |||
| CVE-2020-23804 | unknown | — | — | — | Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input. | |||
| CVE-2020-24352 | unknown | — | — | — | An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while… | |||
| CVE-2020-25220 | unknown | — | — | — | The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. … | |||
| CVE-2020-25221 | unknown | — | — | — | get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page tha… | |||
| CVE-2020-25623 | unknown | — | — | — | Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used. | |||
| CVE-2020-25670 | unknown | — | — | — | A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. | |||
| CVE-2020-25676 | unknown | — | — | — | In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstra… | |||
| CVE-2020-25741 | unknown | — | — | — | fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive. | |||
| CVE-2020-16048 | unknown | — | — | — | Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data via a crafted HTML page. | |||
| CVE-2020-16001 | unknown | — | — | — | Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-27068 | unknown | — | — | — | Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel | |||
| CVE-2020-27352 | unknown | — | — | — | When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and … | |||
| CVE-2020-27757 | unknown | — | — | — | A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long. The fla… | |||
| CVE-2020-27761 | unknown | — | — | — | WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a cra… | |||
| CVE-2020-27763 | unknown | — | — | — | A flaw was found in ImageMagick in MagickCore/resize.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. … | |||
| CVE-2020-27765 | unknown | — | — | — | A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero.… | |||
| CVE-2020-27768 | unknown | — | — | — | In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0. | |||
| CVE-2020-27776 | unknown | — | — | — | A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the r… | |||
| CVE-2020-27784 | unknown | — | — | — | A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises beca… | |||
| CVE-2020-27795 | unknown | — | — | — | A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_… | |||
| CVE-2020-28588 | unknown | — | — | — | An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been introduced in v5.1-rc4 (commit 631b… | |||
| CVE-2020-15993 | unknown | — | — | — | Use after free in printing in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-13614 | unknown | — | — | — | An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification. | |||
| CVE-2020-15959 | unknown | — | — | — | Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from pro… | |||
| CVE-2020-14415 | unknown | — | — | — | oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position. | |||
| CVE-2020-22283 | unknown | — | — | — | A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a cra… | |||
| CVE-2020-13659 | unknown | — | — | — | address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer. | |||
| CVE-2020-29568 | unknown | — | — | — | An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is a… | |||
| CVE-2020-29599 | unknown | — | — | — | ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not prope… | |||
| CVE-2020-25756 | unknown | — | — | — | A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has … | |||
| CVE-2020-6500 | unknown | — | — | — | Inappropriate implementation in interstitials in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||
| CVE-2020-35505 | unknown | — | — | — | A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. This issue occurs while handling the 'Information Transfer' command. This f… | |||
| CVE-2020-35504 | unknown | — | — | — | A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in … | |||
| CVE-2020-35503 | unknown | — | — | — | A NULL pointer dereference flaw was found in the megasas-gen2 SCSI host bus adapter emulation of QEMU in versions before and including 6.0. This issue occurs in the megasas_command_cancelled() callba… | |||
| CVE-2020-27661 | unknown | — | — | — | A divide-by-zero issue was found in dwc2_handle_packet in hw/usb/hcd-dwc2.c in the hcd-dwc2 USB host controller emulation of QEMU. A malicious guest could use this flaw to crash the QEMU process on t… | |||
| CVE-2020-27350 | unknown | — | — | — | APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfi… | |||
| CVE-2020-3810 | unknown | — | — | — | Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. | |||
| CVE-2020-25743 | unknown | — | — | — | hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call. | |||
| CVE-2020-25742 | unknown | — | — | — | pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer. | |||
| CVE-2020-19861 | unknown | — | — | — | When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_r… | |||
| CVE-2020-12783 | unknown | — | — | — | Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. | |||
| CVE-2020-27066 | unknown | — | — | — | In xfrm6_tunnel_free_spi of net/ipv6/xfrm6_tunnel.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges need… | |||
| CVE-2020-16002 | unknown | — | — | — | Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||
| CVE-2020-27194 | unknown | — | — | — | An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values, aka CID-5b9fbeb75b6a. | |||
| CVE-2020-6538 | unknown | — | — | — | Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||
| CVE-2020-6558 | unknown | — | — | — | Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | |||
| CVE-2020-6546 | unknown | — | — | — | Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem. | |||
| CVE-2020-6547 | unknown | — | — | — | Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page. | |||
| CVE-2020-6550 | unknown | — | — | — | Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-6555 | unknown | — | — | — | Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |||
| CVE-2020-6551 | unknown | — | — | — | Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-6561 | unknown | — | — | — | Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||
| CVE-2020-6563 | unknown | — | — | — | Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML… | |||
| CVE-2020-6571 | unknown | — | — | — | Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | |||
| CVE-2020-18839 | unknown | — | — | — | Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service. | |||
| CVE-2020-14403 | unknown | — | — | — | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings. | |||
| CVE-2020-14298 | unknown | — | — | — | The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed… | |||
| CVE-2020-13124 | unknown | — | — | — | SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operat… | |||
| CVE-2020-6540 | unknown | — | — | — | Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-6541 | unknown | — | — | — | Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-6564 | unknown | — | — | — | Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page. | |||
| CVE-2020-6559 | unknown | — | — | — | Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-12279 | unknown | — | — | — | An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when c… | |||
| CVE-2020-12278 | unknown | — | — | — | An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution… | |||
| CVE-2020-10380 | unknown | — | — | — | RMySQL through 0.10.19 allows SQL Injection. | |||
| CVE-2020-0030 | unknown | — | — | — | In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User… | |||
| CVE-2020-0110 | unknown | — | — | — | In psi_write of psi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User int… | |||
| CVE-2020-0423 | unknown | — | — | — | In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges … | |||
| CVE-2020-0429 | unknown | — | — | — | In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privil… | |||
| CVE-2020-11609 | unknown | — | — | — | An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid des… | |||
| CVE-2020-11669 | unknown | — | — | — | An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, … | |||
| CVE-2020-12656 | unknown | — | — | — | gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: Thi… | |||
| CVE-2020-12652 | unknown | — | — | — | The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, … | |||
| CVE-2020-12771 | unknown | — | — | — | An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. | |||
| CVE-2020-14304 | unknown | — | — | — | A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the k… | |||
| CVE-2020-14390 | unknown | — | — | — | A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nat… | |||
| CVE-2020-14416 | unknown | — | — | — | In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/sli… | |||
| CVE-2020-12412 | unknown | — | — | — | By navigating a tab using the history API, an attacker could cause the address bar to display the incorrect domain (with the https:// scheme, a blocked port number such as '1', and without a lock ico… | |||
| CVE-2020-25668 | unknown | — | — | — | A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. | |||
| CVE-2020-25672 | unknown | — | — | — | A memory leak vulnerability was found in Linux kernel in llcp_sock_connect | |||
| CVE-2020-27067 | unknown | — | — | — | In the l2tp subsystem, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not ne… | |||
| CVE-2020-27418 | unknown | — | — | — | A Use After Free vulnerability in Fedora Linux kernel 5.9.0-rc9 allows attackers to obatin sensitive information via vgacon_invert_region() function. | |||
| CVE-2020-27825 | unknown | — | — | — | A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, m… | |||
| CVE-2020-15650 | unknown | — | — | — | Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only a… |