High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-06	CVE-2020-26521	NULL Pointer Dereference vulnerability in multiple products The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code). network low complexity linuxfoundation fedoraproject CWE-476	7.5
2020-07-10	CVE-2020-11081	Process Control vulnerability in Linuxfoundation Osquery osquery before version 4.4.0 enables a privilege escalation vulnerability. local low complexity linuxfoundation CWE-114	8.2
2020-06-22	CVE-2020-10736	Unspecified vulnerability in Linuxfoundation Ceph 15.2.0/15.2.1 An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2, where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in gaining access to unauthorized resources. low complexity linuxfoundation	8.0
2020-04-22	CVE-2020-12059	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Ceph through 13.2.9. network low complexity linuxfoundation canonical CWE-476	7.5
2020-04-21	CVE-2020-1699	Path Traversal vulnerability in multiple products A path traversal flaw was found in the Ceph dashboard implemented in upstream versions v14.2.5, v14.2.6, v15.0.0 of Ceph storage and has been fixed in versions 14.2.7 and 15.1.0. network low complexity linuxfoundation redhat CWE-22	7.5
2020-03-10	CVE-2020-5258	Code Injection vulnerability in multiple products In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. network high complexity linuxfoundation debian oracle CWE-94	7.7
2020-02-12	CVE-2019-19921	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. local high complexity linuxfoundation debian opensuse canonical redhat CWE-706	7.0
2020-02-05	CVE-2020-6174	Improper Verification of Cryptographic Signature vulnerability in Linuxfoundation the Update Framework TUF (aka The Update Framework) through 0.12.1 has Improper Verification of a Cryptographic Signature. network low complexity linuxfoundation CWE-347	7.5
2019-09-25	CVE-2019-16884	Incorrect Authorization vulnerability in multiple products runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. network low complexity linuxfoundation docker fedoraproject opensuse redhat canonical CWE-863	7.5
2019-07-22	CVE-2019-1010234	Improper Input Validation vulnerability in Linuxfoundation Open Network Operating System The Linux Foundation ONOS 1.15.0 and ealier is affected by: Improper Input Validation. network low complexity linuxfoundation CWE-20	7.5