18.04

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-25	CVE-2020-9383	Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel 3.16 through 5.5.6. local low complexity linux debian opensuse canonical netapp CWE-125	7.1
2020-02-24	CVE-2020-8130	OS Command Injection vulnerability in multiple products There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `\|`. local high complexity ruby-lang debian canonical fedoraproject opensuse CWE-78	6.4
2020-02-24	CVE-2015-9542	Out-of-bounds Write vulnerability in multiple products add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). network low complexity freeradius debian canonical CWE-787	5.0
2020-02-21	CVE-2020-9327	NULL Pointer Dereference vulnerability in multiple products In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. network low complexity sqlite netapp canonical siemens oracle CWE-476	5.0
2020-02-20	CVE-2020-9308	Out-of-bounds Write vulnerability in multiple products archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact. network low complexity libarchive canonical fedoraproject CWE-787	8.8
2020-02-19	CVE-2020-6062	NULL Pointer Dereference vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. network low complexity coturn-project debian fedoraproject canonical CWE-476	7.5
2020-02-19	CVE-2020-6061	Out-of-bounds Read vulnerability in multiple products An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. network low complexity coturn-project fedoraproject debian canonical CWE-125 critical	9.8
2020-02-14	CVE-2020-8992	Excessive Iteration vulnerability in multiple products ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. local low complexity linux canonical opensuse netapp CWE-834	4.9
2020-02-12	CVE-2019-19921	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. local high complexity linuxfoundation debian opensuse canonical redhat CWE-706	7.0
2020-02-11	CVE-2018-14553	NULL Pointer Dereference vulnerability in multiple products gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. network low complexity libgd fedoraproject canonical debian opensuse CWE-476	7.5