CVEs from 2020

3,802 normalized CVEs published or assigned in this year.

Total

3,802

critical

critical 206

high

high 563

medium

medium 745

low

low 59

% Critical

5.4%

% with KEV

3.8%

% with exploit

5.4%

Top vendors

Top products

retail_xstore_point_of_service 33
banking_digital_experience 30
primavera_unifier 29
retail_service_backbone 15
financial_services_institutional_performance_analytics 13
insurance_policy_administration_j2ee 11
communications_network_charging_and_control 10
enterprise_manager_base_platform 10

Top packages

PyPI/tensorflow-cpu 146
PyPI/tensorflow-gpu 146
PyPI/tensorflow 146
Packagist/drupal/core 67
PyPI/salt 64
PyPI/ansible 61
Packagist/magento/community-edition 61
Maven/com.fasterxml.jackson.core:jackson-databind 55

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Flags	OS	Vendor	Published	Description
CVE-2020-11078	low	—	2.5				6y ago	RHSA-2020:4605: resource-agents security and bug fix update (Low)
CVE-2020-11054	low	—	2.5				6y ago	In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow (col…
CVE-2020-15719	low	—	2.5				7y ago	RHBA-2019:3674: openldap bug fix and enhancement update (Low)
CVE-2020-8562	low	2.2	2.2				4y ago	As mitigations to a report from 2019 and CVE-2020-8555, Kubernetes attempts to prevent proxied connections from accessing link-local or localhost networks when making user-driven connections to Servi…