18.04

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-28	CVE-2020-13645	Improper Certificate Validation vulnerability in multiple products In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. network low complexity gnome canonical fedoraproject netapp broadcom CWE-295	6.5
2020-05-27	CVE-2020-13632	NULL Pointer Dereference vulnerability in multiple products ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. local low complexity sqlite fedoraproject canonical netapp brocade debian siemens oracle CWE-476	5.5
2020-05-27	CVE-2020-13631	SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. local low complexity sqlite fedoraproject canonical netapp brocade siemens apple oracle	5.5
2020-05-27	CVE-2020-13630	Use After Free vulnerability in multiple products ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. local high complexity sqlite fedoraproject canonical netapp brocade debian siemens apple oracle CWE-416	7.0
2020-05-27	CVE-2020-13253	Out-of-bounds Read vulnerability in multiple products sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. local low complexity qemu canonical debian CWE-125	2.1
2020-05-26	CVE-2020-6831	Classic Buffer Overflow vulnerability in multiple products A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. network low complexity mozilla canonical debian opensuse CWE-120	7.5
2020-05-26	CVE-2020-12392	Path Traversal vulnerability in multiple products The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. local low complexity mozilla canonical CWE-22	2.1
2020-05-26	CVE-2020-12395	Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. network low complexity mozilla canonical CWE-787 critical	10.0
2020-05-24	CVE-2020-13434	Integer Overflow or Wraparound vulnerability in multiple products SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. local low complexity sqlite debian fedoraproject canonical freebsd oracle apple CWE-190	5.5
2020-05-22	CVE-2020-12397	Origin Validation Error vulnerability in multiple products By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. network low complexity mozilla canonical CWE-346	4.3