8.5.5

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-05	CVE-2020-27843	Out-of-bounds Read vulnerability in multiple products A flaw was found in OpenJPEG in versions prior to 2.4.0. local low complexity uclouvain fedoraproject oracle debian CWE-125	5.5
2021-01-05	CVE-2020-27842	There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. local low complexity uclouvain fedoraproject debian redhat oracle	5.5
2021-01-05	CVE-2020-27841	There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. local low complexity uclouvain fedoraproject debian oracle	5.5
2020-06-29	CVE-2020-15389	Use After Free vulnerability in multiple products jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. network high complexity uclouvain debian oracle CWE-416	6.5
2020-06-27	CVE-2020-15358	Out-of-bounds Write vulnerability in multiple products In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. local low complexity sqlite canonical apple oracle siemens CWE-787	5.5
2020-05-27	CVE-2020-13632	NULL Pointer Dereference vulnerability in multiple products ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. local low complexity sqlite fedoraproject canonical netapp brocade debian siemens oracle CWE-476	5.5
2020-05-27	CVE-2020-13631	SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. local low complexity sqlite fedoraproject canonical netapp brocade siemens apple oracle	5.5
2020-05-27	CVE-2020-13630	Use After Free vulnerability in multiple products ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. local high complexity sqlite fedoraproject canonical netapp brocade debian siemens apple oracle CWE-416	7.0
2020-05-24	CVE-2020-13434	Integer Overflow or Wraparound vulnerability in multiple products SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. local low complexity sqlite debian fedoraproject canonical freebsd oracle apple CWE-190	5.5
2020-04-09	CVE-2020-11656	Use After Free vulnerability in multiple products In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement. network low complexity sqlite netapp oracle siemens tenable CWE-416 critical	9.8