VIR Vulnerability Intelligence Relay

CVEs from 2020

4,160 normalized CVEs published or assigned in this year.

Total
4,160
critical
critical 193
high
high 470
medium
medium 675
low
low 56
% Critical
4.6%
% with KEV
3.5%
% with exploit
3.6%

Top vendors

Top products

  • banking_digital_experience 30
  • retail_xstore_point_of_service 28
  • primavera_unifier 27
  • retail_service_backbone 15
  • financial_services_institutional_performance_analytics 10
  • communications_network_charging_and_control 10
  • communications_contacts_server 9
  • agile_plm 8

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2020-29361 medium 5.5 5y ago Moderate: p11-kit security, bug fix, and enhancement update archsuserockylinuxdebian
CVE-2020-29363 medium 5.5 5y ago Moderate: p11-kit security, bug fix, and enhancement update archsuserockylinuxdebian
CVE-2020-26571 medium 5.5 5y ago Moderate: opensc security, bug fix, and enhancement update archsuserockylinuxdebian
CVE-2020-26572 medium 5.5 5y ago Moderate: opensc security, bug fix, and enhancement update archsuserockylinuxdebian
CVE-2020-26570 medium 5.5 5y ago Moderate: opensc security, bug fix, and enhancement update archsuserockylinuxdebian
CVE-2020-27153 medium 5.5 5y ago Moderate: bluez security update debiansuserockylinux
CVE-2020-9951 medium 5.5 5y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-16125 medium 5.5 5y ago Moderate: GNOME security, bug fix, and enhancement update archsusedebianrockylinux
CVE-2020-13543 medium 5.5 5y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-9948 medium 5.5 5y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-9983 medium 5.5 5y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-13584 medium 5.5 5y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-27618 medium 5.5 5y ago Moderate: glibc security, bug fix, and enhancement update archsusedebianrockylinux
CVE-2020-7754 medium 5.5 5y ago Moderate: nodejs:12 security update rockylinuxnpm
CVE-2020-1747 medium 5.5 5y ago Moderate: python38:3.8 security, bug fix, and enhancement update suserockylinuxdebianpython
CVE-2020-35678 medium 5.5 5y ago Autobahn|Python before 20.12.3 allows redirect header injection. archdebianpython
CVE-2020-28473 medium 5.5 5y ago The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), … archsusedebianpython
CVE-2020-28463 medium 5.5 5y ago All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. In order to reduce risk, use trustedSchemes & trustedHosts (see in Reportlab's documentation) Step… archsusedebianpython
CVE-2020-7774 medium 5.5 5y ago Moderate: nodejs:10 security update suserockylinuxdebiannpm
CVE-2020-14343 medium 5.5 5y ago Moderate: python38:3.8 and python38-devel:3.8 security update archsuserockylinuxdebian+1
CVE-2020-28493 medium 5.5 5y ago Moderate: python38:3.8 and python38-devel:3.8 security update archsuserockylinuxdebian+1
CVE-2020-24583 medium 5.5 5y ago An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level d… archsusedebianpython
CVE-2020-24584 medium 5.5 5y ago An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). The intermediate-level directories of the filesystem cache had the system's st… archsusedebianpython
CVE-2020-35653 medium 5.5 5y ago Moderate: python-pillow security update archsuserockylinuxdebian+1
CVE-2020-35655 medium 5.5 5y ago Moderate: python-pillow security update archsuserockylinuxdebian+1
CVE-2020-35654 medium 5.5 5y ago In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. archsusedebianpython
CVE-2020-13949 medium 5.5 5y ago Uncontrolled Resource Consumption in Apache Thrift archsusedebianjava
CVE-2020-8265 medium 5.5 5y ago Moderate: nodejs:10 security update archsuserockylinuxdebian
CVE-2020-8287 medium 5.5 5y ago Moderate: nodejs:10 security update archsusedebianrockylinux
CVE-2020-36242 medium 5.5 5y ago In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrate… archsuserockylinuxdebian+1
CVE-2020-11979 medium 5.5 5y ago Code injection in Apache Ant debianarchsusejava
CVE-2020-26272 medium 5.5 5y ago IPC messages delivered to the wrong frame in Electron archnpm
CVE-2020-27783 medium 5.5 6y ago Moderate: python27:2.7 security and bug fix update archsuserockylinuxdebian+1
CVE-2020-26297 medium 5.5 6y ago XSS in mdBook's search page archrust
CVE-2020-26275 medium 5.5 6y ago The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. In Jupyter Server before version … debianpython
CVE-2020-14789 medium 5.5 6y ago Moderate: mysql:8.0 security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-14776 medium 5.5 6y ago Moderate: mysql:8.0 security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-14812 medium 5.5 6y ago Moderate: mysql:8.0 security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-8277 medium 5.5 6y ago Moderate: nodejs:14 security and bug fix update debianarchsuserockylinux
CVE-2020-25654 medium 5.5 6y ago Moderate: pacemaker security update susedebian
CVE-2020-26257 medium 5.5 6y ago Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix. A malicious or poorly-implemented homeserver can inject malformed e… archdebianpython
CVE-2020-28948 medium 5.5 6y ago Moderate: php:7.4 security update rockylinuxdebianphp
CVE-2020-15266 medium 5.5 6y ago In Tensorflow before version 2.4.0, when the `boxes` argument of `tf.image.crop_and_resize` has a very large value, the CPU kernel implementation receives it as a C++ `nan` floating point value. Atte… archdebianpython
CVE-2020-15265 medium 5.5 6y ago In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tens… archdebianpython
CVE-2020-25690 medium 5.5 6y ago Moderate: fontforge security update susedebian
CVE-2020-10958 medium 5.5 6y ago Moderate: dovecot security update archsusedebian
CVE-2020-10967 medium 5.5 6y ago Moderate: dovecot security update archsusedebian
CVE-2020-1927 medium 5.5 6y ago Moderate: httpd:2.4 security, bug fix, and enhancement update debianarchrockylinux
CVE-2020-1934 medium 5.5 6y ago Moderate: httpd:2.4 security, bug fix, and enhancement update debianarchrockylinux
CVE-2020-15049 medium 5.5 6y ago Moderate: squid:4 security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-14058 medium 5.5 6y ago Moderate: squid:4 security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-8450 medium 5.5 6y ago Moderate: squid:4 security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-8449 medium 5.5 6y ago Moderate: squid:4 security, bug fix, and enhancement update rockylinuxdebian
CVE-2020-24606 medium 5.5 6y ago Moderate: squid:4 security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-0569 medium 5.5 6y ago Moderate: qt5-qtbase and qt5-qtwebsockets security and bug fix update suserockylinuxdebian
CVE-2020-0570 medium 5.5 6y ago Moderate: qt5-qtbase and qt5-qtwebsockets security and bug fix update suserockylinuxdebian
CVE-2020-13962 medium 5.5 6y ago Moderate: qt5-qtbase and qt5-qtwebsockets security and bug fix update suserockylinuxdebian
CVE-2020-12052 medium 5.5 6y ago Moderate: grafana security, bug fix, and enhancement update suse
CVE-2020-14339 medium 5.5 6y ago Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update archsuserockylinuxdebian
CVE-2020-14301 medium 5.5 6y ago Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update rockylinuxdebian
CVE-2020-10703 medium 5.5 6y ago Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update archsuserockylinuxdebian
CVE-2020-1722 medium 5.5 6y ago Moderate: idm:DL1 and idm:client security, bug fix, and enhancement update debianrockylinux
CVE-2020-11087 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinux
CVE-2020-11019 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinux
CVE-2020-11039 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinux
CVE-2020-11086 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinux
CVE-2020-11525 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update archdebianrockylinuxalmalinux
CVE-2020-11044 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update archdebianrockylinux
CVE-2020-11048 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update archdebianrockylinux
CVE-2020-11058 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinux
CVE-2020-11522 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update archdebianrockylinuxalmalinux
CVE-2020-11089 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinuxalmalinux
CVE-2020-11047 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update archdebianrockylinux
CVE-2020-11085 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinux
CVE-2020-11088 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinuxalmalinux
CVE-2020-11046 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update archdebianrockylinux
CVE-2020-11041 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinux
CVE-2020-11040 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinux
CVE-2020-11049 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update archdebianrockylinux
CVE-2020-11042 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update archdebianrockylinux
CVE-2020-11018 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinux
CVE-2020-11038 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinux
CVE-2020-11526 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update archdebianrockylinuxalmalinux
CVE-2020-13396 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update archdebianrockylinuxalmalinux
CVE-2020-13397 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update archdebianrockylinuxalmalinux
CVE-2020-11043 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update debianrockylinux
CVE-2020-11045 medium 5.5 6y ago Moderate: freerdp and vinagre security, bug fix, and enhancement update archdebianrockylinux
CVE-2020-8492 medium 5.5 6y ago Moderate: python38:3.8 security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-14422 medium 5.5 6y ago Moderate: python38:3.8 security, bug fix, and enhancement update suserockylinuxdebian
CVE-2020-12831 medium 5.5 6y ago Moderate: frr security and bug fix update debian
CVE-2020-9802 medium 5.5 6y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2020-3865 medium 5.5 6y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2020-3885 medium 5.5 6y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2020-9805 medium 5.5 6y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2020-9850 medium 5.5 6y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2020-3897 medium 5.5 6y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2020-15503 medium 5.5 6y ago Moderate: GNOME security, bug fix, and enhancement update susedebianrockylinuxalmalinux
CVE-2020-9895 medium 5.5 6y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2020-3901 medium 5.5 6y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux
CVE-2020-9952 medium 5.5 6y ago Moderate: GNOME security, bug fix, and enhancement update suserockylinuxdebianalmalinux