High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-24	CVE-2019-15791	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. local low complexity linux canonical CWE-191	7.8
2020-04-22	CVE-2020-12066	Improper Input Validation vulnerability in multiple products CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server. network low complexity teeworlds opensuse fedoraproject debian canonical CWE-20	7.5
2020-04-22	CVE-2020-12059	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Ceph through 13.2.9. network low complexity linuxfoundation canonical CWE-476	7.5
2020-04-21	CVE-2020-11008	Insufficiently Protected Credentials vulnerability in multiple products Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. network low complexity git-scm debian canonical fedoraproject CWE-522	7.5
2020-04-21	CVE-2020-11958	Out-of-bounds Write vulnerability in multiple products re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme. local low complexity re2c canonical CWE-787	7.8
2020-04-17	CVE-2020-1751	Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. local high complexity gnu redhat canonical CWE-787	7.0
2020-04-17	CVE-2020-11793	Use After Free vulnerability in multiple products A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash). network low complexity wpewebkit webkitgtk canonical fedoraproject opensuse CWE-416	8.8
2020-04-17	CVE-2019-7306	Files or Directories Accessible to External Parties vulnerability in multiple products Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. network low complexity byobu canonical CWE-552	7.5
2020-04-15	CVE-2019-12520	Improper Input Validation vulnerability in multiple products An issue was discovered in Squid through 4.7 and 5. network low complexity squid-cache canonical debian CWE-20	7.5
2020-04-15	CVE-2020-2816	Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). network low complexity oracle netapp canonical debian opensuse	7.5