Max CVSS 8.5 Min CVSS 4.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-20907 5.0
In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation.
21-07-2021 - 11:39 13-07-2020 - 13:15
CVE-2020-14422 4.3
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary
21-07-2021 - 11:39 18-06-2020 - 14:15
CVE-2020-1935 5.8
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smug
04-05-2021 - 19:19 24-02-2020 - 22:15
CVE-2020-8177 4.6
curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.
01-04-2021 - 00:15 14-12-2020 - 20:15
CVE-2020-14331 7.2
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local us
13-01-2021 - 14:35 15-09-2020 - 19:15
CVE-2020-25637 7.2
A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, cl
04-12-2020 - 18:15 06-10-2020 - 14:15
CVE-2020-14352 8.5
A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the
09-11-2020 - 14:28 30-08-2020 - 15:15
CVE-2020-8624 4.0
In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to ch
20-10-2020 - 12:15 21-08-2020 - 21:15
CVE-2020-14385 4.7
A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, o
15-10-2020 - 23:15 15-09-2020 - 22:15
CVE-2020-25637 None
A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, cl
06-10-2020 - 14:36 06-10-2020 - 14:15
CVE-2020-17507 5.0
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.
30-09-2020 - 18:15 12-08-2020 - 18:15
CVE-2020-17507 5.0
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.
30-09-2020 - 18:15 12-08-2020 - 18:15
CVE-2020-14331 7.2
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local us
28-09-2020 - 16:15 15-09-2020 - 19:15
CVE-2020-14385 4.7
A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, o
28-09-2020 - 16:15 15-09-2020 - 22:15
CVE-2020-11078 4.3
In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httpli
19-08-2020 - 18:56 20-05-2020 - 16:15
Back to Top Mark selected
Back to Top