High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-17	CVE-2020-11868	Origin Validation Error vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp. network low complexity ntp redhat netapp debian opensuse CWE-346	7.5
2020-04-15	CVE-2019-12520	Improper Input Validation vulnerability in multiple products An issue was discovered in Squid through 4.7 and 5. network low complexity squid-cache canonical debian CWE-20	7.5
2020-04-15	CVE-2020-11728	Session Fixation vulnerability in multiple products An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. network low complexity davical debian CWE-384	7.5
2020-04-15	CVE-2020-2816	Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). network low complexity oracle netapp canonical debian opensuse	7.5
2020-04-15	CVE-2020-2805	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). network high complexity oracle netapp debian fedoraproject opensuse canonical	8.3
2020-04-15	CVE-2020-2803	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). network high complexity oracle netapp debian fedoraproject opensuse canonical	8.3
2020-04-14	CVE-2020-5260	Insufficiently Protected Credentials vulnerability in multiple products Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. network low complexity git git-scm debian canonical fedoraproject opensuse CWE-522	7.5
2020-04-14	CVE-2020-11741	Missing Initialization of Resource vulnerability in multiple products An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly gain privileges. local low complexity xen fedoraproject debian opensuse CWE-909	8.8
2020-04-14	CVE-2020-11739	Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service or possibly gain privileges because of missing memory barriers in read-write unlock paths. local high complexity xen fedoraproject debian opensuse CWE-362	7.8
2020-04-13	CVE-2020-6455	Out-of-bounds Read vulnerability in multiple products Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject opensuse CWE-125	8.8