High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-16	CVE-2020-7919	Improper Certificate Validation vulnerability in multiple products Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate. network low complexity golang debian fedoraproject netapp CWE-295	7.5
2020-03-12	CVE-2020-0556	Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access low complexity bluez canonical debian opensuse	7.1
2020-03-12	CVE-2020-10531	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. network low complexity icu-project redhat google fedoraproject debian canonical opensuse oracle nodejs CWE-190	8.8
2020-03-10	CVE-2020-0034	Out-of-bounds Read vulnerability in multiple products In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. network low complexity google debian CWE-125	7.5
2020-03-05	CVE-2020-9402	SQL Injection vulnerability in multiple products Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. network low complexity djangoproject debian fedoraproject netapp canonical CWE-89	8.8
2020-03-04	CVE-2020-8659	Allocation of Resources Without Limits or Throttling vulnerability in multiple products CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. network low complexity cncf redhat debian CWE-770	7.5
2020-03-02	CVE-2020-9549	Out-of-bounds Write vulnerability in multiple products In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document. local low complexity pdfresurrect-project debian CWE-787	7.8
2020-02-28	CVE-2020-5247	In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. network low complexity ruby-lang puma debian fedoraproject	7.5
2020-02-28	CVE-2019-10064	Insufficient Entropy vulnerability in multiple products hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. network low complexity w1-fi debian CWE-331	7.5
2020-02-27	CVE-2020-9431	Memory Leak vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. network low complexity wireshark opensuse fedoraproject debian CWE-401	7.5