Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-30	CVE-2020-14377	A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. local low complexity dpdk canonical opensuse	7.1
2020-09-30	CVE-2020-14376	Classic Buffer Overflow vulnerability in multiple products A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. local high complexity dpdk opensuse canonical CWE-120	7.8
2020-09-30	CVE-2020-14375	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. local high complexity dpdk opensuse canonical CWE-367	7.8
2020-09-30	CVE-2020-26137	Injection vulnerability in multiple products urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). network low complexity python canonical debian oracle CWE-74	6.5
2020-09-27	CVE-2020-26116	Injection vulnerability in multiple products http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. network low complexity python fedoraproject canonical netapp debian oracle opensuse CWE-74	7.2
2020-09-24	CVE-2020-26088	Incorrect Default Permissions vulnerability in multiple products A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. local low complexity linux debian opensuse canonical CWE-276	5.5
2020-09-23	CVE-2020-25739	Cross-site Scripting vulnerability in multiple products An issue was discovered in the gon gem before gon-6.4.0 for Ruby. network low complexity gon-project debian canonical CWE-79	6.1
2020-09-17	CVE-2019-20919	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the DBI module before 1.643 for Perl. local high complexity perl fedoraproject canonical debian opensuse CWE-476	4.7
2020-09-16	CVE-2020-14382	Out-of-bounds Write vulnerability in multiple products A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. local low complexity cryptsetup-project redhat canonical fedoraproject CWE-787	7.8
2020-09-16	CVE-2020-14392	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. local low complexity perl canonical opensuse fedoraproject debian CWE-119	5.5