20.04

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-29	CVE-2020-11884	Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. local high complexity linux canonical debian fedoraproject netapp CWE-362	7.0
2020-04-28	CVE-2020-12243	Uncontrolled Recursion vulnerability in multiple products In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). network low complexity openldap debian opensuse canonical netapp broadcom apple oracle CWE-674	5.0
2020-04-28	CVE-2020-12284	Out-of-bounds Write vulnerability in multiple products cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check. network low complexity ffmpeg canonical debian CWE-787 critical	10.0
2020-04-23	CVE-2020-11945	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in Squid before 5.0.2. network low complexity squid-cache debian opensuse fedoraproject canonical CWE-190 critical	9.8
2020-04-22	CVE-2020-1983	Use After Free vulnerability in multiple products A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. local low complexity libslirp-project fedoraproject debian opensuse canonical CWE-416	6.5
2020-04-22	CVE-2020-12066	Improper Input Validation vulnerability in multiple products CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server. network low complexity teeworlds opensuse fedoraproject debian canonical CWE-20	7.5
2020-04-21	CVE-2020-11958	Out-of-bounds Write vulnerability in multiple products re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme. local low complexity re2c canonical CWE-787	7.8
2020-04-17	CVE-2020-0067	Out-of-bounds Read vulnerability in multiple products In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. local low complexity google canonical CWE-125	2.1
2020-04-15	CVE-2019-12519	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid through 4.7. network low complexity squid-cache debian canonical opensuse CWE-787	7.5
2020-04-15	CVE-2019-12521	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid through 4.7. network squid-cache canonical debian opensuse CWE-787	4.3