Shodan
Vulnerabilities
Vulnerable Software
Canonical:  >> Ubuntu Linux  >> 18.04  Security Vulnerabilities
CVE-2020-10753
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is related to the injection of HTTP headers via a CORS ExposeHeader tag. The newline character in the ExposeHeader tag in the CORS configuration file generates a header injection in the response when the CORS request is made. Ceph versions 3.x and 4.x are vulnerable to this issue.
CVSS Score
5.4
EPSS Score
0.004
Published
2020-06-26
CVE-2020-15305
An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-06-26
CVE-2020-15306
An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-06-26
CVE-2020-5967
NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which a race condition may lead to a denial of service.
CVSS Score
4.7
EPSS Score
0.0
Published
2020-06-25
CVE-2020-10177
Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-06-25
CVE-2020-10378
In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer.
CVSS Score
5.5
EPSS Score
0.003
Published
2020-06-25
CVE-2020-10994
In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file.
CVSS Score
5.5
EPSS Score
0.004
Published
2020-06-25
CVE-2020-11538
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.
CVSS Score
8.1
EPSS Score
0.004
Published
2020-06-25
CVE-2020-5963
NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or information disclosure.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-06-25
CVE-2020-12862
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-06-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved