18.04

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-02	CVE-2020-7069	Inadequate Encryption Strength vulnerability in multiple products In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. network low complexity php fedoraproject debian opensuse canonical netapp oracle tenable CWE-326	6.5
2020-09-30	CVE-2020-26137	Injection vulnerability in multiple products urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). network low complexity python canonical debian oracle CWE-74	6.5
2020-09-27	CVE-2020-26116	Injection vulnerability in multiple products http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. network low complexity python fedoraproject canonical netapp debian oracle opensuse CWE-74	7.2
2020-09-24	CVE-2020-26088	Incorrect Default Permissions vulnerability in multiple products A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. local low complexity linux debian opensuse canonical CWE-276	2.1
2020-09-23	CVE-2020-25739	Cross-site Scripting vulnerability in multiple products An issue was discovered in the gon gem before gon-6.4.0 for Ruby. network low complexity gon-project debian canonical CWE-79	6.1
2020-09-17	CVE-2019-20919	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the DBI module before 1.643 for Perl. local high complexity perl fedoraproject canonical debian opensuse CWE-476	4.7
2020-09-16	CVE-2020-14392	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. local low complexity perl canonical opensuse fedoraproject debian CWE-119	5.5
2020-09-15	CVE-2020-14385	Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the Linux kernel before 5.9-rc4. local low complexity linux debian canonical CWE-131	5.5
2020-09-15	CVE-2020-14314	Out-of-bounds Read vulnerability in multiple products A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. local low complexity linux debian canonical starwindsoftware CWE-125	5.5
2020-09-15	CVE-2020-14345	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in X.Org Server before xorg-x11-server 1.20.9. local low complexity x-org canonical CWE-119	7.8