High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-07	CVE-2020-16122	Insufficient Verification of Data Authenticity vulnerability in multiple products PackageKit's apt backend mistakenly treated all local debs as trusted. local low complexity packagekit-project canonical CWE-345	7.8
2020-11-06	CVE-2020-15708	Incorrect Permission Assignment for Critical Resource vulnerability in Canonical Ubuntu Linux 20.04 Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. local low complexity canonical CWE-732	7.8
2020-09-30	CVE-2020-14374	Classic Buffer Overflow vulnerability in multiple products A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. local low complexity dpdk opensuse canonical CWE-120	8.8
2020-09-27	CVE-2020-26116	Injection vulnerability in multiple products http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. network low complexity python fedoraproject canonical netapp debian oracle opensuse CWE-74	7.2
2020-09-16	CVE-2020-14382	Out-of-bounds Write vulnerability in multiple products A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. local low complexity cryptsetup-project redhat canonical fedoraproject CWE-787	7.8
2020-09-15	CVE-2020-14362	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in X.Org Server before xorg-x11-server 1.20.9. local low complexity x-org redhat canonical CWE-191	7.8
2020-09-15	CVE-2020-14361	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in X.Org Server before xorg-x11-server 1.20.9. local low complexity x-org redhat canonical CWE-191	7.8
2020-09-15	CVE-2020-14346	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in xorg-x11-server before 1.20.9. local low complexity x-org redhat canonical CWE-191	7.8
2020-09-15	CVE-2020-14345	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A flaw was found in X.Org Server before xorg-x11-server 1.20.9. local low complexity x-org canonical CWE-119	7.8
2020-09-09	CVE-2020-25219	Uncontrolled Recursion vulnerability in multiple products url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. network low complexity libproxy-project debian fedoraproject opensuse canonical CWE-674	7.5