High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-17	CVE-2018-21247	Missing Initialization of Resource vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. network low complexity libvnc-project canonical debian siemens opensuse CWE-909	7.5
2020-06-11	CVE-2020-0198	Integer Overflow or Wraparound vulnerability in multiple products In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. network low complexity google debian canonical fedoraproject libexif-project CWE-190	7.5
2020-06-09	CVE-2020-10757	Type Confusion vulnerability in multiple products A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. local low complexity linux opensuse redhat fedoraproject debian canonical netapp CWE-843	7.8
2020-06-09	CVE-2020-13974	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in the Linux kernel 4.4 through 5.7.1. local low complexity linux debian canonical CWE-190	7.8
2020-06-08	CVE-2020-13625	Improper Encoding or Escaping of Output vulnerability in multiple products PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. network low complexity phpmailer-project fedoraproject canonical debian CWE-116	7.5
2020-06-08	CVE-2020-12695	Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. network high complexity ui w1-fi asus broadcom canon cisco dlink dell epson hp huawei nec netgear ruckussecurity tp-link zte zyxel microsoft fedoraproject debian canonical CWE-276	7.5
2020-06-04	CVE-2020-13777	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). network high complexity gnu fedoraproject canonical debian CWE-327	7.4
2020-06-02	CVE-2020-7663	websocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) via Regex Backtracking. network low complexity websocket-extensions-project debian canonical	7.5
2020-06-01	CVE-2020-13757	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. network low complexity python-rsa-project fedoraproject canonical CWE-327	7.5
2020-05-27	CVE-2020-10936	Improper Privilege Management vulnerability in multiple products Sympa before 6.2.56 allows privilege escalation. local low complexity sympa fedoraproject debian canonical CWE-269	7.8