VIR Vulnerability Intelligence Relay

CVEs from 2020

3,802 normalized CVEs published or assigned in this year.

Total
3,802
critical
critical 206
high
high 563
medium
medium 745
low
low 59
% Critical
5.4%
% with KEV
3.8%
% with exploit
5.4%

Top vendors

Top products

  • retail_xstore_point_of_service 33
  • banking_digital_experience 30
  • primavera_unifier 29
  • retail_service_backbone 15
  • financial_services_institutional_performance_analytics 13
  • insurance_policy_administration_j2ee 11
  • communications_network_charging_and_control 10
  • enterprise_manager_base_platform 10

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2020-36331 medium 5.5 5y ago RHSA-2021:4231: libwebp security update (Moderate)
CVE-2020-7069 medium 5.5 5y ago RHSA-2021:4213: php:7.4 security, bug fix, and enhancement update (Moderate)
CVE-2020-7070 medium 5.5 5y ago RHSA-2021:4213: php:7.4 security, bug fix, and enhancement update (Moderate)
CVE-2020-7071 medium 5.5 5y ago RHSA-2021:4213: php:7.4 security, bug fix, and enhancement update (Moderate)
CVE-2020-7068 medium 5.5 5y ago RHSA-2021:4213: php:7.4 security, bug fix, and enhancement update (Moderate)
CVE-2020-15859 medium 5.5 5y ago QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO address.
CVE-2020-28896 medium 5.5 5y ago RHSA-2021:4181: mutt security, bug fix, and enhancement update (Moderate)
CVE-2020-27619 medium 5.5 5y ago In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.
CVE-2020-26558 medium 5.5 5y ago Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authe…
CVE-2020-14844 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14860 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14870 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14852 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14848 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14873 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14888 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14891 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14893 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14846 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14861 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14867 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14866 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14868 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14830 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14829 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14838 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14828 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14821 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14837 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14814 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14809 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14804 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14793 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14790 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14769 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14800 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14791 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14786 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14845 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14839 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14836 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14794 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14773 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14775 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14777 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14672 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14765 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-14785 medium 5.5 5y ago RHSA-2021:3590: mysql:8.0 security, bug fix, and enhancement update (Moderate)
CVE-2020-25648 medium 5.5 5y ago A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled …
CVE-2020-13754 medium 5.5 5y ago hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.
CVE-2020-27617 medium 5.5 5y ago eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol.
CVE-2020-36323 medium 5.5 5y ago RHSA-2021:3063: rust-toolset:rhel8 security, bug fix, and enhancement update (Moderate)
CVE-2020-26264 medium 5.5 5y ago Nil pointer dereference via malicious RPC message in github.com/ethereum/go-ethereum
CVE-2020-10933 medium 5.5 5y ago RHSA-2021:2588: ruby:2.6 security, bug fix, and enhancement update (Moderate)
CVE-2020-27846 medium 5.5 5y ago RHSA-2021:1859: grafana security, bug fix, and enhancement update (Moderate)
CVE-2020-26284 medium 5.5 5y ago Hugo is a fast and Flexible Static Site Generator built in Go. Hugo depends on Go's `os/exec` for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system `%…
CVE-2020-26137 medium 5.5 5y ago RHSA-2021:1761: python27:2.7 security and bug fix update (Moderate)
CVE-2020-28924 medium 5.5 5y ago An issue was discovered in Rclone before 1.53.3. Due to the use of a weak random number generator, the password generator has been producing weak passwords with much less entropy than advertised. The…
CVE-2020-13956 medium 5.5 5y ago RHSA-2022:1861: maven:3.5 security update (Moderate)
CVE-2020-14040 medium 5.5 5y ago RHSA-2020:4694: container-tools:rhel8 security, bug fix, and enhancement update (Moderate)
CVE-2020-5238 medium 5.5 5y ago RHSA-2021:1972: pandoc security update (Moderate)
CVE-2020-13631 medium 5.5 5y ago RHSA-2021:1968: mingw packages security and bug fix update (Moderate)
CVE-2020-13434 medium 5.5 5y ago RHSA-2021:1968: mingw packages security and bug fix update (Moderate)
CVE-2020-13630 medium 5.5 5y ago RHSA-2021:1968: mingw packages security and bug fix update (Moderate)
CVE-2020-13632 medium 5.5 5y ago RHSA-2021:1968: mingw packages security and bug fix update (Moderate)
CVE-2020-25275 medium 5.5 5y ago Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and imap, leading to an application crash via a crafted email message with certain choices for ten thousand MIME parts.
CVE-2020-24386 medium 5.5 5y ago An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email m…
CVE-2020-27778 medium 5.5 5y ago A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' …
CVE-2020-26116 medium 5.5 5y ago http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by ins…
CVE-2020-16305 medium 5.5 5y ago RHSA-2023:7053: ghostscript security and bug fix update (Moderate)
CVE-2020-16309 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-14373 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16287 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16288 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16289 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16290 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16291 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16298 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16300 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16292 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16293 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16306 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16294 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16296 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16295 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16308 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16297 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16299 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16301 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16303 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16307 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-17538 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16310 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16302 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-16304 medium 5.5 5y ago RHSA-2021:1852: ghostscript security, bug fix, and enhancement update (Moderate)
CVE-2020-4030 medium 5.5 5y ago RHSA-2021:1849: freerdp security, bug fix, and enhancement update (Moderate)
CVE-2020-11099 medium 5.5 5y ago RHSA-2021:1849: freerdp security, bug fix, and enhancement update (Moderate)
CVE-2020-4033 medium 5.5 5y ago RHSA-2021:1849: freerdp security, bug fix, and enhancement update (Moderate)
CVE-2020-15103 medium 5.5 5y ago RHSA-2021:1849: freerdp security, bug fix, and enhancement update (Moderate)
CVE-2020-11095 medium 5.5 5y ago RHSA-2021:1849: freerdp security, bug fix, and enhancement update (Moderate)