CVEs from 2020
Total
4,010
critical
critical 194
high
high 479
medium
medium 679
low
low 57
% Critical
4.8%
% with KEV
3.6%
% with exploit
4.0%
Top vendors
- oracle 339
- schneider-electric 136
- netapp 12
- fasterxml 8
- denx 2
- nsasoft 1
- rubyonrails 1
- google 1
Top products
- banking_digital_experience 30
- retail_xstore_point_of_service 28
- primavera_unifier 27
- retail_service_backbone 15
- financial_services_institutional_performance_analytics 10
- communications_network_charging_and_control 10
- communications_contacts_server 9
- agile_plm 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-14791 | medium | — | 5.5 | 5y ago | Moderate: mysql:8.0 security, bug fix, and enhancement update | |||
| CVE-2020-14844 | medium | — | 5.5 | 5y ago | Moderate: mysql:8.0 security, bug fix, and enhancement update | |||
| CVE-2020-14873 | medium | — | 5.5 | 5y ago | Moderate: mysql:8.0 security, bug fix, and enhancement update | |||
| CVE-2020-14870 | medium | — | 5.5 | 5y ago | Moderate: mysql:8.0 security, bug fix, and enhancement update | |||
| CVE-2020-14891 | medium | — | 5.5 | 5y ago | Moderate: mysql:8.0 security, bug fix, and enhancement update | |||
| CVE-2020-25648 | medium | — | 5.5 | 5y ago | Moderate: nss and nspr security, bug fix, and enhancement update | |||
| CVE-2020-27617 | medium | — | 5.5 | 5y ago | Moderate: virt:rhel and virt-devel:rhel security and bug fix update | |||
| CVE-2020-13754 | medium | — | 5.5 | 5y ago | Moderate: virt:rhel and virt-devel:rhel security and bug fix update | |||
| CVE-2020-26264 | medium | — | 5.5 | 5y ago | Nil pointer dereference via malicious RPC message in github.com/ethereum/go-ethereum | |||
| CVE-2020-10933 | medium | — | 5.5 | 5y ago | Moderate: ruby:2.5 security, bug fix, and enhancement update | |||
| CVE-2020-27846 | medium | — | 5.5 | 5y ago | Moderate: grafana security, bug fix, and enhancement update | |||
| CVE-2020-26284 | medium | — | 5.5 | 5y ago | Hugo is a fast and Flexible Static Site Generator built in Go. Hugo depends on Go's `os/exec` for certain features, e.g. for rendering of Pandoc documents if these binaries are found in the system `%… | |||
| CVE-2020-26137 | medium | — | 5.5 | 5y ago | Moderate: python27:2.7 security and bug fix update | |||
| CVE-2020-28924 | medium | — | 5.5 | 5y ago | An issue was discovered in Rclone before 1.53.3. Due to the use of a weak random number generator, the password generator has been producing weak passwords with much less entropy than advertised. The… | |||
| CVE-2020-13956 | medium | — | 5.5 | 5y ago | Cross-site scripting in Apache HttpClient | |||
| CVE-2020-14040 | medium | — | 5.5 | 5y ago | Moderate: container-tools:rhel8 security, bug fix, and enhancement update | |||
| CVE-2020-5238 | medium | — | 5.5 | 5y ago | Moderate: pandoc security update | |||
| CVE-2020-13434 | medium | — | 5.5 | 5y ago | Moderate: mingw packages security and bug fix update | |||
| CVE-2020-13631 | medium | — | 5.5 | 5y ago | Moderate: mingw packages security and bug fix update | |||
| CVE-2020-13630 | medium | — | 5.5 | 5y ago | Moderate: mingw packages security and bug fix update | |||
| CVE-2020-13632 | medium | — | 5.5 | 5y ago | Moderate: mingw packages security and bug fix update | |||
| CVE-2020-24386 | medium | — | 5.5 | 5y ago | Moderate: dovecot security and bug fix update | |||
| CVE-2020-25275 | medium | — | 5.5 | 5y ago | Moderate: dovecot security and bug fix update | |||
| CVE-2020-27778 | medium | — | 5.5 | 5y ago | Moderate: poppler and evince security, bug fix, and enhancement update | |||
| CVE-2020-26116 | medium | — | 5.5 | 5y ago | http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by ins… | |||
| CVE-2020-16289 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fi… | |||
| CVE-2020-16290 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This… | |||
| CVE-2020-16303 | medium | — | 5.5 | 5y ago | A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. Thi… | |||
| CVE-2020-16299 | medium | — | 5.5 | 5y ago | A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file… | |||
| CVE-2020-16298 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.… | |||
| CVE-2020-16300 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This i… | |||
| CVE-2020-16296 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafte… | |||
| CVE-2020-16295 | medium | — | 5.5 | 5y ago | A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. T… | |||
| CVE-2020-16297 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted … | |||
| CVE-2020-16294 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is … | |||
| CVE-2020-16293 | medium | — | 5.5 | 5y ago | A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a de… | |||
| CVE-2020-16291 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.5… | |||
| CVE-2020-16288 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Thi… | |||
| CVE-2020-16305 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Th… | |||
| CVE-2020-16308 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fix… | |||
| CVE-2020-16309 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This … | |||
| CVE-2020-16310 | medium | — | 5.5 | 5y ago | A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This i… | |||
| CVE-2020-17538 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted… | |||
| CVE-2020-16292 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. Th… | |||
| CVE-2020-16306 | medium | — | 5.5 | 5y ago | A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed… | |||
| CVE-2020-16302 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fi… | |||
| CVE-2020-16307 | medium | — | 5.5 | 5y ago | A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postsc… | |||
| CVE-2020-16301 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This … | |||
| CVE-2020-16304 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file… | |||
| CVE-2020-14373 | medium | — | 5.5 | 5y ago | A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attacker could supply a specially crafted PDF file to cause a denial of service. | |||
| CVE-2020-16287 | medium | — | 5.5 | 5y ago | A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This… | |||
| CVE-2020-11099 | medium | — | 5.5 | 5y ago | Moderate: freerdp security, bug fix, and enhancement update | |||
| CVE-2020-11097 | medium | — | 5.5 | 5y ago | Moderate: freerdp security, bug fix, and enhancement update | |||
| CVE-2020-11095 | medium | — | 5.5 | 5y ago | Moderate: freerdp security, bug fix, and enhancement update | |||
| CVE-2020-15103 | medium | — | 5.5 | 5y ago | Moderate: freerdp security, bug fix, and enhancement update | |||
| CVE-2020-4030 | medium | — | 5.5 | 5y ago | Moderate: freerdp security, bug fix, and enhancement update | |||
| CVE-2020-4033 | medium | — | 5.5 | 5y ago | Moderate: freerdp security, bug fix, and enhancement update | |||
| CVE-2020-11098 | medium | — | 5.5 | 5y ago | Moderate: freerdp security, bug fix, and enhancement update | |||
| CVE-2020-11096 | medium | — | 5.5 | 5y ago | Moderate: freerdp security, bug fix, and enhancement update | |||
| CVE-2020-25713 | medium | — | 5.5 | 5y ago | Moderate: raptor2 security and bug fix update | |||
| CVE-2020-25708 | medium | — | 5.5 | 5y ago | Moderate: libvncserver security update | |||
| CVE-2020-14397 | medium | — | 5.5 | 5y ago | Moderate: libvncserver security update | |||
| CVE-2020-14405 | medium | — | 5.5 | 5y ago | Moderate: libvncserver security update | |||
| CVE-2020-11984 | medium | — | 5.5 | 5y ago | Moderate: httpd:2.4 security, bug fix, and enhancement update | |||
| CVE-2020-11993 | medium | — | 5.5 | 5y ago | Moderate: httpd:2.4 security, bug fix, and enhancement update | |||
| CVE-2020-14345 | medium | — | 5.5 | 5y ago | Moderate: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update | |||
| CVE-2020-14363 | medium | — | 5.5 | 5y ago | Moderate: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update | |||
| CVE-2020-14347 | medium | — | 5.5 | 5y ago | Moderate: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update | |||
| CVE-2020-14362 | medium | — | 5.5 | 5y ago | Moderate: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update | |||
| CVE-2020-14361 | medium | — | 5.5 | 5y ago | Moderate: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update | |||
| CVE-2020-25712 | medium | — | 5.5 | 5y ago | Moderate: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update | |||
| CVE-2020-14344 | medium | — | 5.5 | 5y ago | Moderate: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update | |||
| CVE-2020-14360 | medium | — | 5.5 | 5y ago | Moderate: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update | |||
| CVE-2020-14346 | medium | — | 5.5 | 5y ago | Moderate: userspace graphics, xorg-x11, and mesa security, bug fix, and enhancement update | |||
| CVE-2020-25651 | medium | — | 5.5 | 5y ago | Moderate: spice-vdagent security and bug fix update | |||
| CVE-2020-25652 | medium | — | 5.5 | 5y ago | Moderate: spice-vdagent security and bug fix update | |||
| CVE-2020-25653 | medium | — | 5.5 | 5y ago | Moderate: spice-vdagent security and bug fix update | |||
| CVE-2020-25650 | medium | — | 5.5 | 5y ago | Moderate: spice-vdagent security and bug fix update | |||
| CVE-2020-12695 | medium | — | 5.5 | 5y ago | Moderate: gssdp and gupnp security update | |||
| CVE-2020-29443 | medium | — | 5.5 | 5y ago | Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update | |||
| CVE-2020-16092 | medium | — | 5.5 | 5y ago | Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update | |||
| CVE-2020-29130 | medium | — | 5.5 | 5y ago | Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update | |||
| CVE-2020-29129 | medium | — | 5.5 | 5y ago | Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update | |||
| CVE-2020-27821 | medium | — | 5.5 | 5y ago | Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update | |||
| CVE-2020-25723 | medium | — | 5.5 | 5y ago | Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update | |||
| CVE-2020-25707 | medium | — | 5.5 | 5y ago | Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update | |||
| CVE-2020-11947 | medium | — | 5.5 | 5y ago | Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update | |||
| CVE-2020-28916 | medium | — | 5.5 | 5y ago | Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update | |||
| CVE-2020-25637 | medium | — | 5.5 | 5y ago | A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects… | |||
| CVE-2020-17507 | medium | — | 5.5 | 5y ago | Moderate: qt5-qtbase security and bug fix update | |||
| CVE-2020-12867 | medium | — | 5.5 | 5y ago | Moderate: sane-backends security update | |||
| CVE-2020-14372 | medium | — | 5.5 | 5y ago | Moderate: shim security update | |||
| CVE-2020-27749 | medium | — | 5.5 | 5y ago | Moderate: shim security update | |||
| CVE-2020-27779 | medium | — | 5.5 | 5y ago | Moderate: shim security update | |||
| CVE-2020-25647 | medium | — | 5.5 | 5y ago | Moderate: shim security update | |||
| CVE-2020-25632 | medium | — | 5.5 | 5y ago | Moderate: shim security update | |||
| CVE-2020-14318 | medium | — | 5.5 | 5y ago | A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be u… | |||
| CVE-2020-14323 | medium | — | 5.5 | 5y ago | A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing… | |||
| CVE-2020-24331 | medium | — | 5.5 | 5y ago | Moderate: trousers security, bug fix, and enhancement update | |||
| CVE-2020-24330 | medium | — | 5.5 | 5y ago | Moderate: trousers security, bug fix, and enhancement update |