Vulnerabilities

| CVE | SEVERITY | CVSS | PACKAGE | VERSION | STATUS | PUBLISHED | DISCOVERED | GRACE DAYS | DESCRIPTION | TRIGGERED FAILURE |
|-----|----------|------|---------|---------|--------|-----------|------------|------------|-------------|-------------------|
| CVE-2018-14721 | critical | 10.00 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.7 | > 1 years | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure t... | Yes |
| CVE-2020-9548 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.4 | > 5 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.Ant... | Yes |
| CVE-2020-9547 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.4 | > 5 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engin... | Yes |
| CVE-2020-9546 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.4 | > 5 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shade... | Yes |
| CVE-2020-11620 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.4 | > 4 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jell... | Yes |
| CVE-2020-11619 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.4 | > 4 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop... | Yes |
| CVE-2020-11612 | critical | 9.80 | io.netty_netty-all | 4.1.6.Final | fixed in 4.1.46 | > 4 months | < 1 hour | | The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a... | Yes |
| CVE-2019-20330 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.2 | > 7 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. | Yes |
| CVE-2019-17267 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10 | > 10 months | < 1 hour | | A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransaction... | Yes |
| CVE-2019-16335 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10 | > 11 months | < 1 hour | | A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a ... | Yes |
| CVE-2019-14893 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.10.0, 2.9.10 | > 5 months | < 1 hour | | A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of mal... | Yes |
| CVE-2019-14892 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10, 2.8.11.5, 2.6.7.3 | > 5 months | < 1 hour | | A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a mali... | Yes |
| CVE-2019-14540 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10 | > 11 months | < 1 hour | | A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. | Yes |
| CVE-2019-14379 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.9.2 | > 1 years | < 1 hour | | SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transacti... | Yes |
| CVE-2018-7489 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.5, 2.8.11.1, 2.7.9.3 | > 2 years | < 1 hour | | FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an inc... | Yes |
| CVE-2018-19362 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.8 | > 1 years | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core clas... | Yes |
| CVE-2018-19361 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.8 | > 1 years | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from pol... | Yes |
| CVE-2018-19360 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.8 | > 1 years | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms cl... | Yes |
| CVE-2018-14720 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.7 | > 1 years | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecif... | Yes |
| CVE-2018-14719 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.7 | > 1 years | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and... | Yes |
| CVE-2018-14718 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.7 | > 1 years | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class ... | Yes |
| CVE-2018-11307 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.6, 2.8.11.2 | > 1 years | < 1 hour | | An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows ... | Yes |
| CVE-2017-7658 | critical | 9.80 | org.eclipse.jetty_jetty-io | 7.3.0.v20110203 | fixed in 9.4.11, 9.3.24 | > 2 years | < 1 hour | | In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented wi... | Yes |
| CVE-2017-7657 | critical | 9.80 | org.eclipse.jetty_jetty-io | 7.3.0.v20110203 | fixed in 9.4.11, 9.3.24 | > 2 years | < 1 hour | | In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfe... | Yes |
| CVE-2017-7525 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.8.9, 2.7.9.1, 2.6.7.1 | > 2 years | < 1 hour | | A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user t... | Yes |
| CVE-2017-5645 | critical | 9.80 | org.apache.logging.log4j_log4j-api | 2.7 | fixed in 2.8.2 | > 3 years | < 1 hour | | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a s... | Yes |
| CVE-2017-17485 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.4, 2.8.11 | > 2 years | < 1 hour | | FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CV... | Yes |
| CVE-2017-15095 | critical | 9.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.1, 2.8.10 | > 2 years | < 1 hour | | A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perfor... | Yes |
| CVE-2019-20445 | critical | 9.10 | io.netty_netty-all | 4.1.6.Final | fixed in 4.1.44 | > 6 months | < 1 hour | | HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Enc... | Yes |
| CVE-2019-20444 | critical | 9.10 | io.netty_netty-all | 4.1.6.Final | fixed in 4.1.44 | > 6 months | < 1 hour | | HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorr... | Yes |
| CVE-2020-11113 | high | 8.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.4 | > 4 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.W... | No |
| CVE-2020-11112 | high | 8.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.4 | > 4 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.prox... | No |
| CVE-2020-11111 | high | 8.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.4 | > 4 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (... | No |
| CVE-2020-10969 | high | 8.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.4 | > 4 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane... | No |
| CVE-2020-10968 | high | 8.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.4 | > 4 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.prov... | No |
| CVE-2020-10673 | high | 8.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.4 | > 5 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types... | No |
| CVE-2020-10672 | high | 8.80 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.4 | > 5 months | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transa... | No |
| CVE-2020-14195 | high | 8.10 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.5 | 64 days | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jnd... | No |
| CVE-2020-14062 | high | 8.10 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.5 | 66 days | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xala... | No |
| CVE-2020-14061 | high | 8.10 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.5 | 66 days | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueCo... | No |
| CVE-2020-14060 | high | 8.10 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.10.5 | 66 days | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.l... | No |
| CVE-2018-5968 | high | 8.10 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.7.9.5 | > 2 years | < 1 hour | | FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CV... | No |
| CVE-2019-16869 | high | 7.50 | io.netty_netty-all | 4.1.6.Final | fixed in 4.1.42.Final | > 10 months | < 1 hour | | Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers (such as a "Transfer-Encoding : chunked" line), which leads to HTTP... | No |
| CVE-2019-14439 | high | 7.50 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.9.2 | > 1 years | < 1 hour | | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globall... | No |
| CVE-2019-12086 | high | 7.50 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.9 | > 1 years | < 1 hour | | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a spe... | No |
| CVE-2018-12023 | high | 7.50 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.6, 2.8.11.2, 2.7.9.4 | > 1 years | < 1 hour | | An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a ... | No |
| CVE-2018-12022 | high | 7.50 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.6, 2.8.11.2, 2.7.9.4 | > 1 years | < 1 hour | | An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a ... | No |
| CVE-2017-7656 | high | 7.50 | org.eclipse.jetty_jetty-io | 7.3.0.v20110203 | fixed in 9.4.11, 9.3.24 | > 2 years | < 1 hour | | In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.... | No |
| CVE-2016-3674 | high | 7.50 | com.thoughtworks.xstream_xstream | 1.3.1 | fixed in 1.4.9 | > 4 years | < 1 hour | | Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Driver, (5) SjsxpDriver, (6) Standa... | No |
| CVE-2020-12654 | high | 7.10 | linux | 4.4.0-173.203 | fixed in 4.4.0-177.207 | > 3 months | < 1 hour | | An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trig... | No |
| CVE-2019-20788 | medium | 9.80 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.4 | > 3 months | < 1 hour | | libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or wid... | No |
| CVE-2019-17542 | medium | 9.80 | ffmpeg | 7:2.8.15-0ubuntu0.16.04.1 | fixed in 7:2.8.17-0ubuntu0.1 | > 10 months | < 1 hour | | FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c. | No |
| CVE-2019-12730 | medium | 9.80 | ffmpeg | 7:2.8.15-0ubuntu0.16.04.1 | fixed in 7:2.8.17-0ubuntu0.1 | > 1 years | < 1 hour | | aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of un... | No |
| CVE-2018-6485 | medium | 9.80 | glibc | 2.23-0ubuntu11 | fixed in 2.23-0ubuntu11.2 | > 2 years | < 1 hour | | An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could... | No |
| CVE-2018-11236 | medium | 9.80 | glibc | 2.23-0ubuntu11 | fixed in 2.23-0ubuntu11.2 | > 2 years | < 1 hour | | stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath functio... | No |
| CVE-2017-18922 | medium | 9.80 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.4 | 51 days | < 1 hour | 9 | It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could explo... | No |
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2017-18269 | medium | 9.80 | glibc | 2.23-0ubuntu11 | fixed in 2.23-0ubuntu11.2 | > 2 years | < 1 hour | | An SSE2-optimized memmove | No | | | | | | | | | | | implementation for i386 in | | | | | | | | | | | | sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S | | | | | | | | | | | | in the GNU C Library (aka glibc or libc6) 2.2... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-13112 | medium | 9.10 | libexif | 0.6.21-2ubuntu0.1 | fixed in 0.6.21-2ubuntu0.5 | 90 days | < 1 hour | | An issue was discovered in libexif before 0.6.22. | No | | | | | | | | | | | Several buffer over-reads in EXIF MakerNote | | | | | | | | | | | | handling could lead to information disclosure and | | | | | | | | | | | | crashe... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-10531 | medium | 8.80 | icu | 55.1-7ubuntu0.4 | fixed in 55.1-7ubuntu0.5 | > 5 months | < 1 hour | | An issue was discovered in International | No | | | | | | | | | | | Components for Unicode (ICU) for C/C++ through | | | | | | | | | | | | 66.1. An integer overflow, leading to a heap-based | | | | | | | | | | | | buffer over... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-13734 | medium | 8.80 | sqlite3 | 3.11.0-1ubuntu1.3 | fixed in 3.11.0-1ubuntu1.4 | > 8 months | < 1 hour | | Out of bounds write in SQLite in Google Chrome | No | | | | | | | | | | | prior to 79.0.3945.79 allowed a remote attacker to | | | | | | | | | | | | potentially exploit heap corruption via a crafted | | | | | | | | | | | | HT... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-11745 | medium | 8.80 | nss | 2:3.28.4-0ubuntu0.16.04.6 | fixed in 2:3.28.4-0ubuntu0.16.04.8 | > 7 months | < 1 hour | | When encrypting with a block cipher, if a call to | No | | | | | | | | | | | NSC_EncryptUpdate was made with data smaller than | | | | | | | | | | | | the block size, a small out of bounds write could | | | | | | | | | | | | ... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-8616 | medium | 8.60 | bind9 | 1:9.10.3.dfsg.P4-8ubuntu1.15 | fixed in 1:9.10.3.dfsg.P4-8ubuntu1.16 | > 3 months | < 1 hour | | A malicious actor who intentionally exploits this | No | | | | | | | | | | | lack of effective limitation on the number of | | | | | | | | | | | | fetches performed when processing referrals can, | | | | | | | | | | | | throu... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-2805 | medium | 8.30 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u252-b09-1~16.04 | > 4 months | < 1 hour | | Vulnerability in the Java SE, Java SE Embedded | No | | | | | | | | | | | product of Oracle Java SE (component: Libraries). | | | | | | | | | | | | Supported versions that are affected are Java SE: | | | | | | | | | | | | 7u2... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-2803 | medium | 8.30 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u252-b09-1~16.04 | > 4 months | < 1 hour | | Vulnerability in the Java SE, Java SE Embedded | No | | | | | | | | | | | product of Oracle Java SE (component: Libraries). | | | | | | | | | | | | Supported versions that are affected are Java SE: | | | | | | | | | | | | 7u2... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14583 | medium | 8.30 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u265-b01-0ubuntu2~16.04 | 35 days | < 1 hour | 24 | Vulnerability in the Java SE, Java SE Embedded | No | | | | | | | | | | | product of Oracle Java SE (component: Libraries). | | | | | | | | | | | | Supported versions that are affected are Java SE: | | | | | | | | | | | | 7u2... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-13113 | medium | 8.20 | libexif | 0.6.21-2ubuntu0.1 | fixed in 0.6.21-2ubuntu0.5 | 90 days | < 1 hour | | An issue was discovered in libexif before 0.6.22. | No | | | | | | | | | | | Use of uninitialized memory in EXIF Makernote | | | | | | | | | | | | handling could lead to crashes and potential | | | | | | | | | | | | use-after... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-13790 | medium | 8.10 | libjpeg-turbo | 1.4.2-0ubuntu3.3 | fixed in 1.4.2-0ubuntu3.4 | 77 days | < 1 hour | | libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a | No | | | | | | | | | | | heap-based buffer over-read in get_rgb_row() in | | | | | | | | | | | | rdppm.c via a malformed PPM input file. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-1712 | medium | 7.80 | systemd | 229-4ubuntu21.22 | fixed in 229-4ubuntu21.27 | > 4 months | < 1 hour | | A heap use-after-free vulnerability was found | No | | | | | | | | | | | in systemd before version v245-rc1, where | | | | | | | | | | | | asynchronous Polkit queries are performed while | | | | | | | | | | | | handling dbus ... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12762 | medium | 7.80 | json-c | 0.11-4ubuntu2 | fixed in 0.11-4ubuntu2.6 | > 3 months | < 1 hour | | json-c through 0.14 has an integer overflow and | No | | | | | | | | | | | out-of-bounds write via a large JSON file, as | | | | | | | | | | | | demonstrated by printbuf_memappend. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12653 | medium | 7.80 | linux | 4.4.0-173.203 | fixed in 4.4.0-177.207 | > 3 months | < 1 hour | | An issue was found in Linux kernel before 5.5.4. | No | | | | | | | | | | | The mwifiex_cmd_append_vsie_tlv() function in | | | | | | | | | | | | drivers/net/wireless/marvell/mwifiex/scan.c allows | | | | | | | | | | | | loca... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2018-11237 | medium | 7.80 | glibc | 2.23-0ubuntu11 | fixed in 2.23-0ubuntu11.2 | > 2 years | < 1 hour | | An AVX-512-optimized implementation of the mempcpy | No | | | | | | | | | | | function in the GNU C Library (aka glibc or | | | | | | | | | | | | libc6) 2.27 and earlier may write data beyond the | | | | | | | | | | | | targe... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-8617 | medium | 7.50 | bind9 | 1:9.10.3.dfsg.P4-8ubuntu1.15 | fixed in 1:9.10.3.dfsg.P4-8ubuntu1.16 | > 3 months | < 1 hour | | Using a specially-crafted message, an attacker | No | | | | | | | | | | | may potentially cause a BIND server to reach | | | | | | | | | | | | an inconsistent state if the attacker knows (or | | | | | | | | | | | | successful... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14400 | medium | 7.50 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.5 | 63 days | < 1 hour | | ** DISPUTED ** An issue was discovered in | No | | | | | | | | | | | LibVNCServer before 0.9.13. Byte-aligned | | | | | | | | | | | | data is accessed through uint16_t pointers in | | | | | | | | | | | | libvncserver/translat... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14399 | medium | 7.50 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.5 | 63 days | < 1 hour | | ** DISPUTED ** An issue was discovered in | No | | | | | | | | | | | LibVNCServer before 0.9.13. Byte-aligned | | | | | | | | | | | | data is accessed through uint32_t pointers in | | | | | | | | | | | | libvncclient/rfbproto... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14398 | medium | 7.50 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.5 | 63 days | < 1 hour | | An issue was discovered in LibVNCServer before | No | | | | | | | | | | | 0.9.13. An improperly closed TCP connection causes | | | | | | | | | | | | an infinite loop in libvncclient/sockets.c. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14397 | medium | 7.50 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.5 | 63 days | < 1 hour | | An issue was discovered in LibVNCServer before | No | | | | | | | | | | | 0.9.13. libvncserver/rfbregion.c has a NULL | | | | | | | | | | | | pointer dereference. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12243 | medium | 7.50 | openldap | 2.4.42+dfsg-2ubuntu3.7 | fixed in 2.4.42+dfsg-2ubuntu3.8 | > 3 months | < 1 hour | | In filter.c in slapd in OpenLDAP before | No | | | | | | | | | | | 2.4.50, LDAP search filters with nested boolean | | | | | | | | | | | | expressions can result in denial of service | | | | | | | | | | | | (daemon crash). 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-0198 | medium | 7.50 | libexif | 0.6.21-2ubuntu0.1 | fixed in 0.6.21-2ubuntu0.5 | 69 days | < 1 hour | | In exif_data_load_data_content of exif-data.c, | No | | | | | | | | | | | there is a possible UBSAN abort due to an integer | | | | | | | | | | | | overflow. This could lead to remote denial of | | | | | | | | | | | | service... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-20907 | medium | 7.50 | python3.5 | 3.5.2-2ubuntu0~16.04.9 | fixed in 3.5.2-2ubuntu0~16.04.11 | 37 days | < 1 hour | 22 | In Lib/tarfile.py in Python through 3.8.3, an | No | | | | | | | | | | | attacker is able to craft a TAR archive leading | | | | | | | | | | | | to an infinite loop when opened by tarfile.open, | | | | | | | | | | | | because... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-20840 | medium | 7.50 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.5 | 63 days | < 1 hour | | An issue was discovered in LibVNCServer before | No | | | | | | | | | | | 0.9.13. libvncserver/ws_decode.c can lead | | | | | | | | | | | | to a crash because of unaligned accesses in | | | | | | | | | | | | hybiReadAndDecode... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-20839 | medium | 7.50 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.5 | 63 days | < 1 hour | | libvncclient/sockets.c in LibVNCServer before | No | | | | | | | | | | | 0.9.13 has a buffer overflow via a long socket | | | | | | | | | | | | filename. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-19926 | medium | 7.50 | sqlite3 | 3.11.0-1ubuntu1.3 | fixed in 3.11.0-1ubuntu1.4 | > 8 months | < 1 hour | | multiSelect in select.c in SQLite 3.30.1 | No | | | | | | | | | | | mishandles certain errors during parsing, as | | | | | | | | | | | | demonstrated by errors from sqlite3WindowRewrite() | | | | | | | | | | | | calls. NOTE: ... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-19768 | medium | 7.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-178.208 | > 8 months | < 1 hour | | In the Linux kernel 5.4.0-rc2, there is a | No | | | | | | | | | | | use-after-free (read) in the __blk_add_trace | | | | | | | | | | | | function in kernel/trace/blktrace.c (which is used | | | | | | | | | | | | to fill out ... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14593 | medium | 7.40 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u265-b01-0ubuntu2~16.04 | 35 days | < 1 hour | 24 | Vulnerability in the Java SE, Java SE Embedded | No | | | | | | | | | | | product of Oracle Java SE (component: 2D). | | | | | | | | | | | | Supported versions that are affected are Java SE: | | | | | | | | | | | | 7u261, 8u2... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-8648 | medium | 7.10 | linux | 4.4.0-173.203 | fixed in 4.4.0-178.208 | > 6 months | < 1 hour | | There is a use-after-free vulnerability | No | | | | | | | | | | | in the Linux kernel through 5.5.2 in | | | | | | | | | | | | the n_tty_receive_buf_common function in | | | | | | | | | | | | drivers/tty/n_tty.c. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-8428 | medium | 7.10 | linux | 4.4.0-173.203 | fixed in 4.4.0-177.207 | > 6 months | < 1 hour | | fs/namei.c in the Linux kernel before 5.5 has a | No | | | | | | | | | | | may_create_in_sticky use-after-free, which allows | | | | | | | | | | | | local users to cause a denial of service (OOPS) or | | | | | | | | | | | | p... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-11668 | medium | 7.10 | linux | 4.4.0-173.203 | fixed in 4.4.0-179.209 | > 4 months | < 1 hour | | In the Linux kernel before 5.6.1, | No | | | | | | | | | | | drivers/media/usb/gspca/xirlink_cit.c (aka the | | | | | | | | | | | | Xirlink camera USB driver) mishandles invalid | | | | | | | | | | | | descriptors, aka CID-a2... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-1751 | medium | 7.00 | glibc | 2.23-0ubuntu11 | fixed in 2.23-0ubuntu11.2 | > 4 months | < 1 hour | | An out-of-bounds write vulnerability was found in | No | | | | | | | | | | | glibc before 2.31 when handling signal trampolines | | | | | | | | | | | | on PowerPC. Specifically, the backtrace function | | | | | | | | | | | | ... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-13630 | medium | 7.00 | sqlite3 | 3.11.0-1ubuntu1.3 | fixed in 3.11.0-1ubuntu1.5 | 84 days | < 1 hour | | ext/fts3/fts3.c in SQLite before 3.32.0 has a | No | | | | | | | | | | | use-after-free in fts3EvalNextRow, related to the | | | | | | | | | | | | snippet feature. 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-2732 | medium | 6.80 | linux | 4.4.0-173.203 | fixed in 4.4.0-176.206 | > 4 months | < 1 hour | | A flaw was discovered in the way that the KVM | No | | | | | | | | | | | hypervisor handled instruction emulation for an L2 | | | | | | | | | | | | guest when nested virtualisation is enabled. Under | | | | | | | | | | | | so... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12464 | medium | 6.70 | linux | 4.4.0-173.203 | fixed in 4.4.0-184.214 | > 3 months | < 1 hour | | usb_sg_cancel in drivers/usb/core/message.c in | No | | | | | | | | | | | the Linux kernel before 5.6.8 has a use-after-free | | | | | | | | | | | | because a transfer occurs without a reference, aka | | | | | | | | | | | | C... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-5188 | medium | 6.70 | e2fsprogs | 1.42.13-1ubuntu1 | fixed in 1.42.13-1ubuntu1.2 | > 7 months | < 1 hour | | A code execution vulnerability exists in the | No | | | | | | | | | | | directory rehashing functionality of E2fsprogs | | | | | | | | | | | | e2fsck 1.45.4. A specially crafted ext4 directory | | | | | | | | | | | | can caus... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-5094 | medium | 6.70 | e2fsprogs | 1.42.13-1ubuntu1 | fixed in 1.42.13-1ubuntu1.1 | > 11 months | < 1 hour | | An exploitable code execution vulnerability exists | No | | | | | | | | | | | in the quota file functionality of E2fsprogs | | | | | | | | | | | | 1.45.3. A specially crafted ext4 partition can | | | | | | | | | | | | cause a... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-20636 | medium | 6.70 | linux | 4.4.0-173.203 | fixed in 4.4.0-174.204 | > 4 months | < 1 hour | | In the Linux kernel before 5.4.12, | No | | | | | | | | | | | drivers/input/input.c has out-of-bounds writes | | | | | | | | | | | | via a crafted keycode table, as demonstrated by | | | | | | | | | | | | input_set_keycode, a... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14405 | medium | 6.50 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.5 | 63 days | < 1 hour | | An issue was discovered in LibVNCServer before | No | | | | | | | | | | | 0.9.13. libvncclient/rfbproto.c does not limit | | | | | | | | | | | | TextChat size. 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14401 | medium | 6.50 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.5 | 63 days | < 1 hour | | An issue was discovered in LibVNCServer before | No | | | | | | | | | | | 0.9.13. libvncserver/scale.c has a pixel_value | | | | | | | | | | | | integer overflow. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-13645 | medium | 6.50 | glib-networking | 2.48.2-1~ubuntu16.04.1 | fixed in 2.48.2-1~ubuntu16.04.2 | 84 days | < 1 hour | | In GNOME glib-networking through 2.64.2, the | No | | | | | | | | | | | implementation of GTlsClientConnection skips | | | | | | | | | | | | hostname verification of the server\'s TLS | | | | | | | | | | | | certificate if th... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-0182 | medium | 6.50 | libexif | 0.6.21-2ubuntu0.1 | fixed in 0.6.21-2ubuntu0.5 | 69 days | < 1 hour | | In exif_entry_get_value of exif-entry.c, there | No | | | | | | | | | | | is a possible out of bounds read due to a missing | | | | | | | | | | | | bounds check. This could lead to local information | | | | | | | | | | | | di... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-5108 | medium | 6.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-174.204 | > 8 months | < 1 hour | | An exploitable denial-of-service vulnerability | No | | | | | | | | | | | exists in the Linux kernel prior to mainline 5.3. | | | | | | | | | | | | An attacker could exploit this vulnerability by | | | | | | | | | | | | trigg... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-13753 | medium | 6.50 | sqlite3 | 3.11.0-1ubuntu1.3 | fixed in 3.11.0-1ubuntu1.4 | > 8 months | < 1 hour | | Out of bounds read in SQLite in Google Chrome | No | | | | | | | | | | | prior to 79.0.3945.79 allowed a remote attacker | | | | | | | | | | | | to obtain potentially sensitive information from | | | | | | | | | | | | process... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-13752 | medium | 6.50 | sqlite3 | 3.11.0-1ubuntu1.3 | fixed in 3.11.0-1ubuntu1.4 | > 8 months | < 1 hour | | Out of bounds read in SQLite in Google Chrome | No | | | | | | | | | | | prior to 79.0.3945.79 allowed a remote attacker | | | | | | | | | | | | to obtain potentially sensitive information from | | | | | | | | | | | | process... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-13751 | medium | 6.50 | sqlite3 | 3.11.0-1ubuntu1.3 | fixed in 3.11.0-1ubuntu1.4 | > 8 months | < 1 hour | | Uninitialized data in SQLite in Google Chrome | No | | | | | | | | | | | prior to 79.0.3945.79 allowed a remote attacker | | | | | | | | | | | | to obtain potentially sensitive information from | | | | | | | | | | | | process... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-13750 | medium | 6.50 | sqlite3 | 3.11.0-1ubuntu1.3 | fixed in 3.11.0-1ubuntu1.4 | > 8 months | < 1 hour | | Insufficient data validation in SQLite in Google | No | | | | | | | | | | | Chrome prior to 79.0.3945.79 allowed a remote | | | | | | | | | | | | attacker to bypass defense-in-depth measures via a | | | | | | | | | | | | craf... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2018-1000873 | medium | 6.50 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.8 | > 1 years | < 1 hour | | Fasterxml Jackson version Before 2.9.8 contains | No | | | | | | | | | | | a CWE-20: Improper Input Validation vulnerability | | | | | | | | | | | | in Jackson-Modules-Java8 that can result in Causes | | | | | | | | | | | | a... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-10690 | medium | 6.40 | linux | 4.4.0-173.203 | fixed in 4.4.0-185.215 | > 3 months | < 1 hour | | There is a use-after-free in kernel versions | No | | | | | | | | | | | before 5.5 due to a race condition between the | | | | | | | | | | | | release of ptp_clock and cdev while resource | | | | | | | | | | | | deallocation.... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-13627 | medium | 6.30 | libgcrypt20 | 1.6.5-2ubuntu0.5 | fixed in 1.6.5-2ubuntu0.6 | > 10 months | < 1 hour | | It was discovered that there was a ECDSA timing | No | | | | | | | | | | | attack in the libgcrypt20 cryptographic library. | | | | | | | | | | | | Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and | | | | | | | | | | | | 1.6.3-... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-8647 | medium | 6.10 | linux | 4.4.0-173.203 | fixed in 4.4.0-178.208 | > 6 months | < 1 hour | | There is a use-after-free vulnerability in the | No | | | | | | | | | | | Linux kernel through 5.5.2 in the vc_do_resize | | | | | | | | | | | | function in drivers/tty/vt/vt.c. 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-18348 | medium | 6.10 | python3.5 | 3.5.2-2ubuntu0~16.04.9 | fixed in 3.5.2-2ubuntu0~16.04.10 | > 10 months | < 1 hour | | An issue was discovered in urllib2 in Python 2.x | No | | | | | | | | | | | through 2.7.17 and urllib in Python 3.x through | | | | | | | | | | | | 3.8.0. CRLF injection is possible if the attacker | | | | | | | | | | | | con... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-11565 | medium | 6.00 | linux | 4.4.0-173.203 | fixed in 4.4.0-179.209 | > 4 months | < 1 hour | | ** DISPUTED ** An issue was discovered in the | No | | | | | | | | | | | Linux kernel through 5.6.2. mpol_parse_str in | | | | | | | | | | | | mm/mempolicy.c has a stack-based out-of-bounds | | | | | | | | | | | | write becau... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-8649 | medium | 5.90 | linux | 4.4.0-173.203 | fixed in 4.4.0-178.208 | > 6 months | < 1 hour | | There is a use-after-free vulnerability | No | | | | | | | | | | | in the Linux kernel through 5.5.2 in | | | | | | | | | | | | the vgacon_invert_region function in | | | | | | | | | | | | drivers/video/console/vgacon.c. 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-16135 | medium | 5.90 | libssh | 0.6.3-4.3ubuntu0.5 | fixed in 0.6.3-4.3ubuntu0.6 | 21 days | < 1 hour | 38 | libssh 0.9.4 has a NULL pointer dereference in | No | | | | | | | | | | | tftpserver.c if ssh_buffer_new returns NULL. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-12814 | medium | 5.90 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.9.1 | > 1 years | < 1 hour | | A Polymorphic Typing issue was discovered in | No | | | | | | | | | | | FasterXML jackson-databind 2.x through 2.9.9. When | | | | | | | | | | | | Default Typing is enabled (either globally or for | | | | | | | | | | | | a sp... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-12384 | medium | 5.90 | com.fasterxml.jackson.core_jackson-databind | 2.8.5 | fixed in 2.9.9.1 | > 1 years | < 1 hour | | FasterXML jackson-databind 2.x before 2.9.9.1 | No | | | | | | | | | | | might allow attackers to have a variety of impacts | | | | | | | | | | | | by leveraging failure to block the logback-core | | | | | | | | | | | | class... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2018-10237 | medium | 5.90 | com.google.guava_guava | 20.0 | fixed in 24.1.1 | > 2 years | < 1 hour | | Unbounded memory allocation in Google Guava 11.0 | No | | | | | | | | | | | through 24.x before 24.1.1 allows remote attackers | | | | | | | | | | | | to conduct denial of service attacks against | | | | | | | | | | | | serve... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-3810 | medium | 5.50 | apt | 1.2.32 | fixed in 1.2.32ubuntu0.1 | > 3 months | < 1 hour | | Missing input validation in the ar/tar | No | | | | | | | | | | | implementations of APT before version 2.1.2 | | | | | | | | | | | | could result in denial of service when processing | | | | | | | | | | | | specially crafted... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-13904 | medium | 5.50 | ffmpeg | 7:2.8.15-0ubuntu0.16.04.1 | fixed in 7:2.8.17-0ubuntu0.1 | 73 days | < 1 hour | | FFmpeg 4.2.3 has a use-after-free via a | No | | | | | | | | | | | crafted EXTINF duration in an m3u8 file because | | | | | | | | | | | | parse_playlist in libavformat/hls.c frees a | | | | | | | | | | | | pointer, and later... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-13632 | medium | 5.50 | sqlite3 | 3.11.0-1ubuntu1.3 | fixed in 3.11.0-1ubuntu1.5 | 84 days | < 1 hour | | ext/fts3/fts3_snippet.c in SQLite before 3.32.0 | No | | | | | | | | | | | has a NULL pointer dereference via a crafted | | | | | | | | | | | | matchinfo() query. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-13434 | medium | 5.50 | sqlite3 | 3.11.0-1ubuntu1.3 | fixed in 3.11.0-1ubuntu1.5 | 87 days | < 1 hour | | SQLite through 3.32.0 has an integer overflow in | No | | | | | | | | | | | sqlite3_str_vappendf in printf.c. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12769 | medium | 5.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-184.214 | > 3 months | < 1 hour | | An issue was discovered in the Linux kernel before | No | | | | | | | | | | | 5.4.17. drivers/spi/spi-dw.c allows attackers to | | | | | | | | | | | | cause a panic via concurrent calls to dw_spi_irq | | | | | | | | | | | | a... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12767 | medium | 5.50 | libexif | 0.6.21-2ubuntu0.1 | fixed in 0.6.21-2ubuntu0.2 | > 3 months | < 1 hour | | exif_entry_get_value in exif-entry.c in libexif | No | | | | | | | | | | | 0.6.21 has a divide-by-zero error. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12049 | medium | 5.50 | dbus | 1.10.6-1ubuntu3.5 | fixed in 1.10.6-1ubuntu3.6 | 72 days | < 1 hour | | An issue was discovered in dbus >= 1.3.0 before | No | | | | | | | | | | | 1.12.18. The DBusServer in libdbus, as used in | | | | | | | | | | | | dbus-daemon, leaks file descriptors when a message | | | | | | | | | | | | exce... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-20096 | medium | 5.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-174.204 | > 7 months | < 1 hour | | In the Linux kernel before 5.1, there is a memory | No | | | | | | | | | | | leak in __feat_register_sp() in net/dccp/feat.c, | | | | | | | | | | | | which may cause denial of service, aka | | | | | | | | | | | | CID-1d3ff095... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14404 | medium | 5.40 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.5 | 63 days | < 1 hour | | An issue was discovered in LibVNCServer before | No | | | | | | | | | | | 0.9.13. libvncserver/rre.c allows out-of-bounds | | | | | | | | | | | | access via encodings. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14403 | medium | 5.40 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.5 | 63 days | < 1 hour | | An issue was discovered in LibVNCServer | No | | | | | | | | | | | before 0.9.13. libvncserver/hextile.c allows | | | | | | | | | | | | out-of-bounds access via encodings. | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14402 | medium | 5.40 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.5 | 63 days | < 1 hour | | An issue was discovered in LibVNCServer before | No | | | | | | | | | | | 0.9.13. libvncserver/corre.c allows out-of-bounds | | | | | | | | | | | | access via encodings. 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-2830 | medium | 5.30 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u252-b09-1~16.04 | > 4 months | < 1 hour | | Vulnerability in the Java SE, Java SE | No | | | | | | | | | | | Embedded product of Oracle Java SE (component: | | | | | | | | | | | | Concurrency). Supported versions that are affected | | | | | | | | | | | | are Java SE: 7... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14621 | medium | 5.30 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u265-b01-0ubuntu2~16.04 | 35 days | < 1 hour | 24 | Vulnerability in the Java SE, Java SE Embedded | No | | | | | | | | | | | product of Oracle Java SE (component: JAXP). | | | | | | | | | | | | Supported versions that are affected are Java SE: | | | | | | | | | | | | 7u261, 8... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12826 | medium | 5.30 | linux | 4.4.0-173.203 | fixed in 4.4.0-184.214 | > 3 months | < 1 hour | | A signal access-control issue was discovered | No | | | | | | | | | | | in the Linux kernel before 5.6.5, aka | | | | | | | | | | | | CID-7395ea4e65c2. Because exec_id in | | | | | | | | | | | | include/linux/sched.h is only ... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-10942 | medium | 5.30 | linux | 4.4.0-173.203 | fixed in 4.4.0-179.209 | > 4 months | < 1 hour | | In the Linux kernel before 5.5.8, get_raw_socket | No | | | | | | | | | | | in drivers/vhost/net.c lacks validation of an | | | | | | | | | | | | sk_family field, which might allow attackers to | | | | | | | | | | | | trigger... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-2800 | medium | 4.80 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u252-b09-1~16.04 | > 4 months | < 1 hour | | Vulnerability in the Java SE, Java SE Embedded | No | | | | | | | | | | | product of Oracle Java SE (component: Lightweight | | | | | | | | | | | | HTTP Server). Supported versions that are affected | | | | | | | | | | | | ar... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14556 | medium | 4.80 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u265-b01-0ubuntu2~16.04 | 35 days | < 1 hour | 24 | Vulnerability in the Java SE, Java SE Embedded | No | | | | | | | | | | | product of Oracle Java SE (component: Libraries). | | | | | | | | | | | | Supported versions that are affected are Java SE: | | | | | | | | | | | | 8u2... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12114 | medium | 4.70 | linux | 4.4.0-173.203 | fixed in 4.4.0-184.214 | > 3 months | < 1 hour | | A pivot_root race condition in fs/namespace.c | No | | | | | | | | | | | in the Linux kernel 4.4.x before 4.4.221, 4.9.x | | | | | | | | | | | | before 4.9.221, 4.14.x before 4.14.178, 4.19.x | | | | | | | | | | | | before 4.... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2019-19965 | medium | 4.70 | linux | 4.4.0-173.203 | fixed in 4.4.0-174.204 | > 7 months | < 1 hour | | In the Linux kernel through 5.4.6, | No | | | | | | | | | | | there is a NULL pointer dereference in | | | | | | | | | | | | drivers/scsi/libsas/sas_discover.c because of | | | | | | | | | | | | mishandling of port disconnect... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12402 | medium | 4.40 | nss | 2:3.28.4-0ubuntu0.16.04.10 | fixed in 2:3.28.4-0ubuntu0.16.04.12 | 41 days | < 1 hour | 18 | During RSA key generation, bignum implementations | No | | | | | | | | | | | used a variation of the Binary Extended | | | | | | | | | | | | Euclidean Algorithm which entailed significantly | | | | | | | | | | | | input-depen... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12402 | medium | 4.40 | nss | 2:3.28.4-0ubuntu0.16.04.6 | fixed in 2:3.28.4-0ubuntu0.16.04.12 | 41 days | < 1 hour | 18 | During RSA key generation, bignum implementations | No | | | | | | | | | | | used a variation of the Binary Extended | | | | | | | | | | | | Euclidean Algorithm which entailed significantly | | | | | | | | | | | | input-depen... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12399 | medium | 4.40 | nss | 2:3.28.4-0ubuntu0.16.04.10 | fixed in 2:3.28.4-0ubuntu0.16.04.11 | 41 days | < 1 hour | 18 | NSS has shown timing differences when performing | No | | | | | | | | | | | DSA signatures, which was exploitable and could | | | | | | | | | | | | eventually leak private keys. This vulnerability | | | | | | | | | | | | affe... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12399 | medium | 4.40 | nss | 2:3.28.4-0ubuntu0.16.04.6 | fixed in 2:3.28.4-0ubuntu0.16.04.11 | 41 days | < 1 hour | 18 | NSS has shown timing differences when performing | No | | | | | | | | | | | DSA signatures, which was exploitable and could | | | | | | | | | | | | eventually leak private keys. This vulnerability | | | | | | | | | | | | affe... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-11494 | medium | 4.40 | linux | 4.4.0-173.203 | fixed in 4.4.0-179.209 | > 4 months | < 1 hour | | An issue was discovered in slc_bump in | No | | | | | | | | | | | drivers/net/can/slcan.c in the Linux kernel | | | | | | | | | | | | through 5.6.2. It allows attackers to read | | | | | | | | | | | | uninitialized can_frame ... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-11609 | medium | 4.30 | linux | 4.4.0-173.203 | fixed in 4.4.0-179.209 | > 4 months | < 1 hour | | An issue was discovered in the stv06xx | No | | | | | | | | | | | subsystem in the Linux kernel before 5.6.1. | | | | | | | | | | | | drivers/media/usb/gspca/stv06xx/stv06xx.c and | | | | | | | | | | | | drivers/media/usb/gsp... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-11608 | medium | 4.30 | linux | 4.4.0-173.203 | fixed in 4.4.0-179.209 | > 4 months | < 1 hour | | An issue was discovered in the Linux kernel before | No | | | | | | | | | | | 5.6.1. drivers/media/usb/gspca/ov519.c allows | | | | | | | | | | | | NULL pointer dereferences in ov511_mode_init_regs | | | | | | | | | | | | and... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14416 | medium | 4.20 | linux | 4.4.0-173.203 | fixed in 4.4.0-176.206 | 63 days | < 1 hour | | In the Linux kernel before 5.4.16, a race | No | | | | | | | | | | | condition in tty->disc_data handling in the | | | | | | | | | | | | slip and slcan line discipline could lead to a | | | | | | | | | | | | use-after-free, a... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14581 | medium | 3.70 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u265-b01-0ubuntu2~16.04 | 35 days | < 1 hour | 24 | Vulnerability in the Java SE, Java SE Embedded | No | | | | | | | | | | | product of Oracle Java SE (component: 2D). | | | | | | | | | | | | Supported versions that are affected are Java SE: | | | | | | | | | | | | 8u251, 11.... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14579 | medium | 3.70 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u265-b01-0ubuntu2~16.04 | 35 days | < 1 hour | 24 | Vulnerability in the Java SE, Java SE Embedded | No | | | | | | | | | | | product of Oracle Java SE (component: Libraries). | | | | | | | | | | | | Supported versions that are affected are Java SE: | | | | | | | | | | | | 7u2... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14578 | medium | 3.70 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u265-b01-0ubuntu2~16.04 | 35 days | < 1 hour | 24 | Vulnerability in the Java SE, Java SE Embedded | No | | | | | | | | | | | product of Oracle Java SE (component: Libraries). | | | | | | | | | | | | Supported versions that are affected are Java SE: | | | | | | | | | | | | 7u2... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-14577 | medium | 3.70 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u265-b01-0ubuntu2~16.04 | 35 days | < 1 hour | 24 | Vulnerability in the Java SE, Java SE Embedded | No | | | | | | | | | | | product of Oracle Java SE (component: JSSE). | | | | | | | | | | | | Supported versions that are affected are Java SE: | | | | | | | | | | | | 7u261, 8... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-11931 | medium | 3.30 | pulseaudio | 1:8.0-0ubuntu3.10 | fixed in 1:8.0-0ubuntu3.12 | > 3 months | < 1 hour | | An Ubuntu-specific modification to Pulseaudio | No | | | | | | | | | | | to provide security mediation for Snap-packaged | | | | | | | | | | | | applications was found to have a bypass of | | | | | | | | | | | | intended acce... 
| | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-8177 | medium | 0.00 | curl | 7.47.0-1ubuntu2.14 | fixed in 7.47.0-1ubuntu2.15 | 57 days | < 1 hour | 3 | a flaw was found in curl. overwriting local files | No | | | | | | | | | | | is possible when using a certain combination of | | | | | | | | | | | | command line options. requesting content from a | | | | | | | | | | | | mali... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-6829 | medium | 0.00 | nss | 2:3.28.4-0ubuntu0.16.04.6 | fixed in 2:3.28.4-0ubuntu0.16.04.13 | n/a | < 1 hour | | [Side channel attack on ECDSA signature | No | | | | | | | | | | | generation] | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-6829 | medium | 0.00 | nss | 2:3.28.4-0ubuntu0.16.04.10 | fixed in 2:3.28.4-0ubuntu0.16.04.13 | n/a | < 1 hour | | [Side channel attack on ECDSA signature | No | | | | | | | | | | | generation] | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-3898 | medium | 0.00 | cups | 2.1.3-4ubuntu0.10 | fixed in 2.1.3-4ubuntu0.11 | > 4 months | < 1 hour | | A heap-based buffer 
overflow was discovered | No | | | | | | | | | | | in in libcups's ppdFindOption() function in | | | | | | | | | | | | ppd-mark.c:430. The issue can be reproduced by | | | | | | | | | | | | loading a craf... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-1749 | medium | 0.00 | linux | 4.4.0-173.203 | fixed in 4.4.0-184.214 | > 5 months | < 1 hour | | The kernel packages contain the Linux kernel, | No | | | | | | | | | | | the core of any Linux operating system. | | | | | | | | | | | | Security Fix(es): * kernel: use-after-free in | | | | | | | | | | | | __blk_add_trace ... | | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12401 | medium | 0.00 | nss | 2:3.28.4-0ubuntu0.16.04.10 | fixed in 2:3.28.4-0ubuntu0.16.04.13 | n/a | < 1 hour | | [ECDSA timing attack mitigation bypass] | No | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ | CVE-2020-12401 | medium | 0.00 | nss | 2:3.28.4-0ubuntu0.16.04.6 | fixed in 2:3.28.4-0ubuntu0.16.04.13 | n/a | < 1 hour | | [ECDSA timing attack mitigation bypass] | No | +------------------+----------+-------+---------------------------------------------+------------------------------+---------------------------------------+-------------+------------+------------+-------------------------------------------------------+-------------------+ |
| CVE-2020-12400 | medium | 0.00 | nss | 2:3.28.4-0ubuntu0.16.04.10 | fixed in 2:3.28.4-0ubuntu0.16.04.13 | n/a | < 1 hour | | [P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function] | No |
| CVE-2020-12400 | medium | 0.00 | nss | 2:3.28.4-0ubuntu0.16.04.6 | fixed in 2:3.28.4-0ubuntu0.16.04.13 | n/a | < 1 hour | | [P-384 and P-521 implementation uses a side-channel vulnerable modular inversion function] | No |
| CVE-2020-11935 | medium | 0.00 | linux | 4.4.0-173.203 | fixed in 4.4.0-186.216 | 52 days | < 1 hour | 8 | It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability... | No |
| CVE-2020-10768 | medium | 0.00 | linux | 4.4.0-173.203 | fixed in 4.4.0-186.216 | 72 days | < 1 hour | | a flaw was found in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. this call incorrectly... | No |
| CVE-2020-10767 | medium | 0.00 | linux | 4.4.0-173.203 | fixed in 4.4.0-186.216 | 72 days | < 1 hour | | a flaw was found in the linux kernel’s implementation of the enhanced ibpb (indirect branch prediction barrier). the ibpb mitigation will be disable... | No |
| CVE-2020-10766 | medium | 0.00 | linux | 4.4.0-173.203 | fixed in 4.4.0-186.216 | 72 days | < 1 hour | | a logic bug flaw was found in the linux kernel’s implementation of ssbd. a bug in the logic handling allows an attacker with a local account to disa... | No |
| CVE-2019-17007 | medium | 0.00 | nss | 2:3.28.4-0ubuntu0.16.04.6 | fixed in 2:3.28.4-0ubuntu0.16.04.9 | > 1 years | < 1 hour | | no description is available for this cve. | No |
| CVE-2019-17006 | medium | 0.00 | nss | 2:3.28.4-0ubuntu0.16.04.6 | fixed in 2:3.28.4-0ubuntu0.16.04.10 | > 7 months | < 1 hour | | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applica... | No |
| CVE-2019-15690 | medium | 0.00 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.4 | > 8 months | < 1 hour | | LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Security Fix(es): * libvncserver: HandleCursor... | No |
| CVE-2019-9169 | low | 9.80 | glibc | 2.23-0ubuntu11 | fixed in 2.23-0ubuntu11.2 | > 1 years | < 1 hour | | In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-i... | No |
| CVE-2019-11338 | low | 8.80 | ffmpeg | 7:2.8.15-0ubuntu0.16.04.1 | fixed in 7:2.8.17-0ubuntu0.1 | > 1 years | < 1 hour | | libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL ... | No |
| CVE-2020-13974 | low | 7.80 | linux | 4.4.0-173.203 | fixed in 4.4.0-186.216 | 72 days | < 1 hour | | ** DISPUTED ** An issue was discovered in the Linux kernel through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called sever... | No |
| CVE-2017-11464 | low | 7.80 | librsvg | 2.40.13-3 | fixed in 2.40.13-3ubuntu0.1 | > 3 years | < 1 hour | | A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of... | No |
| CVE-2020-13114 | low | 7.50 | libexif | 0.6.21-2ubuntu0.1 | fixed in 0.6.21-2ubuntu0.5 | 90 days | < 1 hour | | An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amount... | No |
| CVE-2019-9674 | low | 7.50 | python3.5 | 3.5.2-2ubuntu0~16.04.9 | fixed in 3.5.2-2ubuntu0~16.04.11 | > 6 months | < 1 hour | | Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. | No |
| CVE-2019-20218 | low | 7.50 | sqlite3 | 3.11.0-1ubuntu1.3 | fixed in 3.11.0-1ubuntu1.4 | > 7 months | < 1 hour | | selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error. | No |
| CVE-2019-19060 | low | 7.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-179.209 | > 9 months | < 1 hour | | A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a de... | No |
| CVE-2019-17514 | low | 7.50 | python3.5 | 3.5.2-2ubuntu0~16.04.9 | fixed in 3.5.2-2ubuntu0~16.04.11 | > 10 months | < 1 hour | | library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated... | No |
| CVE-2019-15681 | low | 7.50 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.4 | > 9 months | < 1 hour | | LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read sta... | No |
| CVE-2019-15680 | low | 7.50 | libvncserver | 0.9.10+dfsg-3ubuntu0.16.04.3 | fixed in 0.9.10+dfsg-3ubuntu0.16.04.4 | > 9 months | < 1 hour | | TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to ... | No |
| CVE-2018-20030 | low | 7.50 | libexif | 0.6.21-2ubuntu0.1 | fixed in 0.6.21-2ubuntu0.2 | > 1 years | < 1 hour | | An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to exhaust available CPU ... | No |
| CVE-2018-15822 | low | 7.50 | ffmpeg | 7:2.8.15-0ubuntu0.16.04.1 | fixed in 7:2.8.17-0ubuntu0.1 | > 1 years | < 1 hour | | The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 4.0.2 does not check for an empty audio packet, leading to an assertion failur... | No |
| CVE-2020-9383 | low | 7.10 | linux | 4.4.0-173.203 | fixed in 4.4.0-178.208 | > 5 months | < 1 hour | | An issue was discovered in the Linux kernel through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the ... | No |
| CVE-2020-1752 | low | 7.00 | glibc | 2.23-0ubuntu11 | fixed in 2.23-0ubuntu11.2 | > 3 months | < 1 hour | | A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths con... | No |
| CVE-2020-12770 | low | 6.70 | linux | 4.4.0-173.203 | fixed in 4.4.0-185.215 | > 3 months | < 1 hour | | An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040. | No |
| CVE-2020-8492 | low | 6.50 | python3.5 | 3.5.2-2ubuntu0~16.04.9 | fixed in 3.5.2-2ubuntu0~16.04.10 | > 6 months | < 1 hour | | Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Ex... | No |
| CVE-2020-13143 | low | 6.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-185.215 | > 3 months | < 1 hour | | gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel through 5.6.13 relies on kstrdup without considering the possibility of... | No |
| CVE-2019-19319 | low | 6.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-184.214 | > 8 months | < 1 hour | | In the Linux kernel 5.0.21, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext... | No |
| CVE-2019-17351 | low | 6.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-174.204 | > 10 months | < 1 hour | | An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a d... | No |
| CVE-2019-13390 | low | 6.50 | ffmpeg | 7:2.8.15-0ubuntu0.16.04.1 | fixed in 7:2.8.17-0ubuntu0.1 | > 1 years | < 1 hour | | In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c. | No |
| CVE-2020-14422 | low | 5.90 | python3.5 | 3.5.2-2ubuntu0~16.04.9 | fixed in 3.5.2-2ubuntu0~16.04.11 | 62 days | < 1 hour | | Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote at... | No |
| CVE-2020-10711 | low | 5.90 | linux | 4.4.0-173.203 | fixed in 4.4.0-185.215 | 89 days | < 1 hour | | A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commer... | No |
| CVE-2017-12133 | low | 5.90 | glibc | 2.23-0ubuntu11 | fixed in 2.23-0ubuntu11.2 | > 2 years | < 1 hour | | Use-after-free vulnerability in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) before 2.26 allows remote att... | No |
| CVE-2020-8992 | low | 5.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-185.215 | > 6 months | < 1 hour | | ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) ... | No |
| CVE-2020-15393 | low | 5.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-187.217 | 51 days | < 1 hour | 8 | In the Linux kernel through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. | No |
| CVE-2020-12771 | low | 5.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-187.217 | > 3 months | < 1 hour | | An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fa... | No |
| CVE-2020-10029 | low | 5.50 | glibc | 2.23-0ubuntu11 | fixed in 2.23-0ubuntu11.2 | > 5 months | < 1 hour | | The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double funct... | No |
| CVE-2020-0009 | low | 5.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-178.208 | > 7 months | < 1 hour | | In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalatio... | No |
| CVE-2019-2228 | low | 5.50 | cups | 2.1.3-4ubuntu0.10 | fixed in 2.1.3-4ubuntu0.11 | > 8 months | < 1 hour | | In array_find of array.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure in ... | No |
| CVE-2019-20810 | low | 5.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-186.216 | 78 days | < 1 hour | | go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a... | No |
| CVE-2019-19051 | low | 5.50 | linux | 4.4.0-173.203 | fixed in 4.4.0-174.204 | > 9 months | < 1 hour | | A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers ... | No |
| CVE-2020-2781 | low | 5.30 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u252-b09-1~16.04 | > 4 months | < 1 hour | | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8... | No |
| CVE-2019-1551 | low | 5.30 | openssl | 1.0.2g-1ubuntu4.15 | fixed in 1.0.2g-1ubuntu4.16 | > 8 months | < 1 hour | | There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analys... | No |
| CVE-2020-0093 | low | 5.00 | libexif | 0.6.21-2ubuntu0.1 | fixed in 0.6.21-2ubuntu0.5 | > 3 months | < 1 hour | | In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local informatio... | No |
| CVE-2019-19066 | low | 4.70 | linux | 4.4.0-173.203 | fixed in 4.4.0-174.204 | > 9 months | < 1 hour | | A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denia... | No |
| CVE-2019-19056 | low | 4.70 | linux | 4.4.0-173.203 | fixed in 4.4.0-174.204 | > 9 months | < 1 hour | | A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows... | No |
| CVE-2019-16234 | low | 4.70 | linux | 4.4.0-173.203 | fixed in 4.4.0-178.208 | > 11 months | < 1 hour | | drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer ... | No |
| CVE-2019-1547 | low | 4.70 | openssl | 1.0.2g-1ubuntu4.15 | fixed in 1.0.2g-1ubuntu4.16 | > 11 months | < 1 hour | | Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is pos... | No |
| CVE-2018-16888 | low | 4.70 | systemd | 229-4ubuntu21.22 | fixed in 229-4ubuntu21.27 | > 1 years | < 1 hour | | It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unpri... | No |
| CVE-2019-19947 | low | 4.60 | linux | 4.4.0-173.203 | fixed in 4.4.0-186.216 | > 8 months | < 1 hour | | In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_us... | No |
| CVE-2019-19068 | low | 4.60 | linux | 4.4.0-173.203 | fixed in 4.4.0-174.204 | > 9 months | < 1 hour | | A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 al... | No |
| CVE-2019-15220 | low | 4.60 | linux | 4.4.0-173.203 | fixed in 4.4.0-174.204 | > 1 years | < 1 hour | | An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/inter... | No |
| CVE-2020-10732 | low | 4.40 | linux | 4.4.0-173.203 | fixed in 4.4.0-186.216 | 68 days | < 1 hour | | A flaw was found in the Linux kernel's implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial p... | No |
| CVE-2020-12652 | low | 4.10 | linux | 4.4.0-173.203 | fixed in 4.4.0-174.204 | > 3 months | < 1 hour | | The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during t... | No |
| CVE-2019-16233 | low | 4.10 | linux | 4.4.0-173.203 | fixed in 4.4.0-178.208 | > 11 months | < 1 hour | | drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | No |
| CVE-2020-9488 | low | 3.70 | org.apache.logging.log4j_log4j-api | 2.7 | fixed in 2.13.2 | > 3 months | < 1 hour | | Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-i... | No |
| CVE-2020-2773 | low | 3.70 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u252-b09-1~16.04 | > 4 months | < 1 hour | | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u25... | No |
| CVE-2020-2757 | low | 3.70 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u252-b09-1~16.04 | > 4 months | < 1 hour | | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE:... | No |
| CVE-2020-2756 | low | 3.70 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u252-b09-1~16.04 | > 4 months | < 1 hour | | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE:... | No |
| CVE-2020-2755 | low | 3.70 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u252-b09-1~16.04 | > 4 months | < 1 hour | | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u2... | No |
| CVE-2020-2754 | low | 3.70 | openjdk-8 | 8u242-b08-0ubuntu3~16.04 | fixed in 8u252-b09-1~16.04 | > 4 months | < 1 hour | | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u2... | No |
| CVE-2019-1563 | low | 3.70 | openssl | 1.0.2g-1ubuntu4.15 | fixed in 1.0.2g-1ubuntu4.16 | > 11 months | < 1 hour | | In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very la... | No |
| CVE-2019-19126 | low | 3.30 | glibc | 2.23-0ubuntu11 | fixed in 2.23-0ubuntu11.2 | > 9 months | < 1 hour | | On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program... | No |
| CVE-2019-20386 | low | 2.40 | systemd | 229-4ubuntu21.22 | fixed in 229-4ubuntu21.27 | > 7 months | < 1 hour | | An issue was discovered in button_open in login/logind-button.c in systemd before 243. When executing the udevadm trigger command, a memory leak may o... | No |
| CVE-2020-8231 | low | 0.00 | curl | 7.47.0-1ubuntu2.14 | fixed in 7.47.0-1ubuntu2.16 | 1 days | < 1 hour | 59 | no description is available for this cve. | No |