High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-06	CVE-2020-36187	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource. network high complexity fasterxml netapp debian oracle CWE-502	8.1
2021-01-06	CVE-2020-36186	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource. network high complexity fasterxml netapp debian oracle CWE-502	8.1
2021-01-06	CVE-2020-36185	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource. network high complexity fasterxml netapp debian oracle CWE-502	8.1
2021-01-06	CVE-2020-36184	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource. network high complexity netapp debian oracle fasterxml CWE-502	8.1
2021-01-06	CVE-2020-36181	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS. network high complexity netapp debian oracle fasterxml CWE-502	8.1
2021-01-06	CVE-2020-8265	Use After Free vulnerability in multiple products Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. network high complexity nodejs debian fedoraproject oracle siemens CWE-416	8.1
2021-01-05	CVE-2020-27844	A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. local low complexity uclouvain debian oracle	7.8
2021-01-04	CVE-2020-25275	Improper Input Validation vulnerability in multiple products Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and imap, leading to an application crash via a crafted email message with certain choices for ten thousand MIME parts. network low complexity dovecot debian fedoraproject CWE-20	7.5
2021-01-04	CVE-2020-35965	Out-of-bounds Write vulnerability in multiple products decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations. network low complexity ffmpeg debian CWE-787	7.5
2020-12-27	CVE-2020-35728	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl). network high complexity fasterxml debian netapp oracle CWE-502	8.1