CVEs from 2020

4,812 normalized CVEs published or assigned in this year.

Total

4,812

critical

critical 193

high

high 470

medium

medium 675

low

low 56

% Critical

4.0%

% with KEV

3.0%

% with exploit

3.1%

Top vendors

Top products

banking_digital_experience 30
retail_xstore_point_of_service 28
primavera_unifier 27
retail_service_backbone 15
financial_services_institutional_performance_analytics 10
communications_network_charging_and_control 10
communications_contacts_server 9
agile_plm 8

Top packages

PyPI/tensorflow-cpu 146
PyPI/tensorflow-gpu 146
PyPI/tensorflow 146
Packagist/drupal/core 67
PyPI/salt 64
PyPI/ansible 61
Packagist/magento/community-edition 61
Maven/com.fasterxml.jackson.core:jackson-databind 55

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2020-1472	medium	—	7.0	5y ago	Moderate: samba security, bug fix, and enhancement update
CVE-2020-36193	medium	—	7.0	5y ago	Moderate: php:7.4 security update	+1
CVE-2020-28949	medium	—	7.0	6y ago	Moderate: php:7.4 security update
CVE-2020-1938	medium	—	7.0	6y ago	Apache Tomcat treats Apache JServ Protocol (AJP) connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploit…
CVE-2020-11023	medium	—	7.0	6y ago	Moderate: doxygen security update	+5