12.04

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-23	CVE-2015-5278	Infinite Loop vulnerability in multiple products The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets. network low complexity qemu fedoraproject canonical arista CWE-835	6.5
2020-01-23	CVE-2015-5239	Infinite Loop vulnerability in multiple products Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop. network low complexity qemu fedoraproject canonical suse arista CWE-835	6.5
2020-01-21	CVE-2020-7595	Infinite Loop vulnerability in multiple products xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. network low complexity xmlsoft fedoraproject canonical debian siemens netapp oracle CWE-835	7.5
2020-01-15	CVE-2019-15961	Resource Exhaustion vulnerability in multiple products A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity clamav cisco debian canonical CWE-400	6.5
2020-01-08	CVE-2019-20367	Out-of-bounds Read vulnerability in multiple products nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a comparison for a symbol name from the string table (strtab). network low complexity freedesktop debian canonical opensuse CWE-125 critical	9.1
2020-01-08	CVE-2019-5188	Out-of-bounds Write vulnerability in multiple products A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. local low complexity e2fsprogs-project fedoraproject debian canonical opensuse netapp CWE-787	6.7
2020-01-02	CVE-2013-4532	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. local low complexity qemu canonical debian CWE-119	7.8
2019-12-31	CVE-2013-4357	Classic Buffer Overflow vulnerability in multiple products The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. network low complexity eglibc novell debian canonical fedoraproject CWE-120	7.5
2019-12-30	CVE-2019-20079	Use After Free vulnerability in multiple products The autocmd feature in window.c in Vim before 8.1.2136 accesses freed memory. local low complexity vim canonical CWE-416	7.8
2019-12-24	CVE-2019-19956	Memory Leak vulnerability in multiple products xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related to newDoc->oldNs. network low complexity xmlsoft debian oracle fedoraproject canonical netapp siemens CWE-401	7.5