High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-15	CVE-2020-14346	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in xorg-x11-server before 1.20.9. local low complexity x-org redhat canonical CWE-191	7.8
2020-09-15	CVE-2020-14345	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in X.Org Server before xorg-x11-server 1.20.9. local low complexity x-org canonical CWE-119	7.8
2020-09-09	CVE-2020-25219	Uncontrolled Recursion vulnerability in multiple products url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. network low complexity libproxy-project debian fedoraproject opensuse canonical CWE-674	7.5
2020-09-04	CVE-2020-24659	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in GnuTLS before 3.6.15. network low complexity gnu fedoraproject opensuse canonical CWE-476	7.5
2020-09-03	CVE-2020-7729	Insecure Default Initialization of Resource vulnerability in multiple products The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML. network high complexity gruntjs debian canonical CWE-1188	7.1
2020-09-01	CVE-2020-24584	Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). network low complexity djangoproject canonical fedoraproject oracle CWE-276	7.5
2020-09-01	CVE-2020-24583	Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). network low complexity djangoproject canonical fedoraproject oracle CWE-276	7.5
2020-08-31	CVE-2020-25031	Link Following vulnerability in Canonical Checkinstall 1.6.2 checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file. local low complexity canonical CWE-59	7.2
2020-08-24	CVE-2020-24606	Improper Locking vulnerability in multiple products Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. network low complexity squid-cache canonical debian fedoraproject opensuse CWE-667	7.5
2020-08-24	CVE-2020-14350	Untrusted Search Path vulnerability in multiple products It was found that some PostgreSQL extensions did not use search_path safely in their installation script. local low complexity postgresql debian opensuse canonical CWE-426	7.3