High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-15	CVE-2020-14346	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in xorg-x11-server before 1.20.9. local low complexity x-org redhat canonical CWE-191	7.8
2020-09-15	CVE-2020-14345	A flaw was found in X.Org Server before xorg-x11-server 1.20.9. local low complexity x-org canonical	7.8
2020-09-09	CVE-2020-25219	Uncontrolled Recursion vulnerability in multiple products url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. network low complexity libproxy-project debian fedoraproject opensuse canonical CWE-674	7.5
2020-09-09	CVE-2020-25212	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452. local high complexity linux debian opensuse canonical CWE-367	7.0
2020-09-04	CVE-2020-24659	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in GnuTLS before 3.6.15. network low complexity gnu fedoraproject opensuse canonical CWE-476	7.5
2020-09-01	CVE-2020-24584	Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). network low complexity djangoproject canonical fedoraproject oracle CWE-276	7.5
2020-09-01	CVE-2020-24583	Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). network low complexity djangoproject canonical fedoraproject oracle CWE-276	7.5
2020-08-31	CVE-2020-25031	Link Following vulnerability in Canonical Checkinstall 1.6.2 checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file. local low complexity canonical CWE-59	7.8
2020-08-24	CVE-2020-24606	Improper Locking vulnerability in multiple products Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. network low complexity squid-cache canonical debian fedoraproject opensuse CWE-667	7.5
2020-08-24	CVE-2020-14350	Untrusted Search Path vulnerability in multiple products It was found that some PostgreSQL extensions did not use search_path safely in their installation script. local low complexity postgresql debian opensuse canonical CWE-426	7.3