canonical

4,226 tracked vulnerabilities.

CVE-2020-9402 HIGH NUCLEI
Django 1.11-1.11.28, 2.2-2.2.10, 3.0-3.0.3 - SQL Injection via GIS Tolerance Parameter
Mar 05, 2020
CVSS 8.8
EPSS 0.88
CVE-2020-10029 MEDIUM
glibc < 2.32 - Out-of-bounds Write in Long Double Range Reduction
Mar 04, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-10018 CRITICAL
WebKitGTK and WPE WebKit < 2.28.0 - Use-After-Free
Mar 02, 2020
CVSS 9.8
EPSS 0.03
CVE-2020-6801 HIGH
Firefox < 73.0 - Out-of-bounds Write
Mar 02, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6800 HIGH
Firefox < 73.0 and Firefox ESR < 68.5.0 - Out-of-bounds Write
Mar 02, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6794 MEDIUM
Thunderbird < 68.5 - Info Disclosure
Mar 02, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-6792 MEDIUM
Thunderbird < 68.5.0 - Information Disclosure via Uninitialized Memory in Email Identifier Derivation
Mar 02, 2020
CVSS 4.3
EPSS 0.01
CVE-2020-7062 HIGH
PHP 7.2.0-7.2.27, 7.3.0-7.3.14, 7.4.0-7.4.2 - Denial of Service via File Upload Progress Cleanup
Feb 27, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-9274 HIGH NUCLEI
Pure-FTPd < 1.0.50 - Use-After-Free in diraliases Linked List
Feb 26, 2020
CVSS 7.5
EPSS 0.12
CVE-2020-8794 CRITICAL
OpenSMTPD OOB Read Local Privilege Escalation
Feb 25, 2020
CVSS 9.8
EPSS 0.88
CVE-2020-8793 MEDIUM
OpenSMTPD < 6.6.4 - Local Arbitrary File Read via Race Condition in makemap.c and smtpd.c
Feb 25, 2020
CVSS 4.7
EPSS 0.01
CVE-2020-9383 HIGH
Linux Kernel 3.16-5.5.6 - Out-of-bounds Read in Floppy Disk Driver
Feb 25, 2020
CVSS 7.1
EPSS 0.00
CVE-2020-1935 MEDIUM
Apache Tomcat 7.0.0-7.0.99, 8.5.0-8.5.50, 9.0.0.M1-9.0.30 - HTTP Request Smuggling via Invalid Transfer-Encoding Header
Feb 24, 2020
CVSS 4.8
EPSS 0.01
CVE-2020-8130 MEDIUM
Ruby Rake < 12.3.3 - Command Injection
Feb 24, 2020
CVSS 6.4
EPSS 0.01
CVE-2020-9327 HIGH
SQLite < 1.0.1.1 - NULL Pointer Dereference
Feb 21, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-9308 HIGH
libarchive 3.4.0-3.4.1 - Out-of-bounds Write in RAR5 Header Parsing
Feb 20, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6062 HIGH
coturn 4.5.1.1 - Denial of Service via Malformed HTTP POST Request
Feb 19, 2020
CVSS 7.5
EPSS 0.08
CVE-2020-6061 CRITICAL
coturn 4.5.1.1 - Heap Out-of-bounds Read via HTTP POST Request Parsing
Feb 19, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-8992 MEDIUM
Linux Kernel < 5.5.3 - Denial of Service via Crafted Journal Size
Feb 14, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-5529 HIGH
HtmlUnit < 2.37.0 - Remote Code Execution via Improper Rhino Engine Initialization
Feb 11, 2020
CVSS 8.1
EPSS 0.02
CVE-2020-1700 MEDIUM
Ceph - Authenticated Denial of Service via RGW Beast Front-End Disconnect Handling
Feb 07, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-8648 HIGH
Linux Kernel < 5.5.2 - Use After Free
Feb 06, 2020
CVSS 7.1
EPSS 0.00
CVE-2020-3123 HIGH
ClamAV 0.102.0-0.102.1 - Denial of Service via Crafted Email File in DLP Module
Feb 05, 2020
CVSS 7.5
EPSS 0.02
CVE-2020-8632 MEDIUM
cloud-init < 19.4 - Weak Password Requirements in rand_user_password
Feb 05, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-8631 MEDIUM
cloud-init < 19.4 - Use of Insufficiently Random Values in Password Generation
Feb 05, 2020
CVSS 5.5
EPSS 0.00