High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-19	CVE-2020-14356	NULL Pointer Dereference vulnerability in multiple products A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. local low complexity linux redhat opensuse debian canonical netapp CWE-476	7.8
2020-08-17	CVE-2020-13933	Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass. network low complexity apache debian	7.5
2020-08-13	CVE-2020-16303	Use After Free vulnerability in multiple products A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. local low complexity artifex debian canonical CWE-416	7.8
2020-08-12	CVE-2020-12674	Out-of-bounds Read vulnerability in multiple products In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled. network low complexity dovecot debian canonical fedoraproject CWE-125	7.5
2020-08-12	CVE-2020-12673	Out-of-bounds Read vulnerability in multiple products In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read. network low complexity dovecot debian canonical fedoraproject CWE-125	7.5
2020-08-12	CVE-2020-12100	Uncontrolled Recursion vulnerability in multiple products In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts. network low complexity dovecot debian fedoraproject canonical CWE-674	7.5
2020-08-11	CVE-2020-17367	Argument Injection or Modification vulnerability in multiple products Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection. local low complexity firejail-project debian fedoraproject opensuse CWE-88	7.8
2020-08-07	CVE-2020-9490	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43. network low complexity apache oracle opensuse debian fedoraproject canonical redhat CWE-444	7.5
2020-08-07	CVE-2020-11993	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. network low complexity apache netapp canonical opensuse debian fedoraproject oracle CWE-444	7.5
2020-08-06	CVE-2020-16845	Infinite Loop vulnerability in multiple products Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. network low complexity golang opensuse debian fedoraproject CWE-835	7.5