Vulnerabilities > Canonical > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-08-12 | CVE-2020-12100 | Uncontrolled Recursion vulnerability in multiple products In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts. | 7.5 |
2020-08-10 | CVE-2020-15659 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. | 8.8 |
2020-08-10 | CVE-2020-15656 | Type Confusion vulnerability in multiple products JIT optimizations involving the Javascript arguments object could confuse later optimizations. | 8.8 |
2020-08-07 | CVE-2020-9490 | HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43. | 7.5 |
2020-08-07 | CVE-2020-11993 | HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. | 7.5 |
2020-08-06 | CVE-2020-15702 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Canonical Apport TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. | 7.0 |
2020-07-21 | CVE-2020-15890 | Out-of-bounds Read vulnerability in multiple products LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc handler frame traversal is mishandled. | 7.5 |
2020-07-20 | CVE-2020-3481 | NULL Pointer Dereference vulnerability in multiple products A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. | 7.5 |
2020-07-15 | CVE-2020-14697 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). | 7.2 |
2020-07-15 | CVE-2020-14678 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). | 7.2 |