Vulnerabilities > Canonical > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-03-02 | CVE-2020-6800 | Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. | 8.8 |
2020-03-02 | CVE-2019-17026 | Type Confusion vulnerability in multiple products Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. | 8.8 |
2020-02-27 | CVE-2020-7062 | NULL Pointer Dereference vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash. | 7.5 |
2020-02-26 | CVE-2020-9274 | Access of Uninitialized Pointer vulnerability in multiple products An issue was discovered in Pure-FTPd 1.0.49. | 7.5 |
2020-02-25 | CVE-2020-9383 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel 3.16 through 5.5.6. | 7.1 |
2020-02-24 | CVE-2015-9542 | Out-of-bounds Write vulnerability in multiple products add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). | 7.5 |
2020-02-21 | CVE-2020-9327 | NULL Pointer Dereference vulnerability in multiple products In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. | 7.5 |
2020-02-20 | CVE-2020-9308 | Out-of-bounds Write vulnerability in multiple products archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact. | 8.8 |
2020-02-19 | CVE-2015-7747 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c. | 8.8 |
2020-02-19 | CVE-2020-6062 | NULL Pointer Dereference vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. | 7.5 |