Debian Linux vulnerabilities: Medium risk

DATE CVE VULNERABILITY TITLE RISK
2020-08-12 CVE-2020-17507 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1.
network
low complexity
qt debian fedoraproject CWE-125
5.3
2020-08-11 CVE-2020-17489 Insufficiently Protected Credentials vulnerability in multiple products
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4.
4.3
2020-08-11 CVE-2020-0256 Out-of-bounds Write vulnerability in multiple products
In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check.
low complexity
google debian CWE-787
6.8
2020-08-05 CVE-2020-14347 A flaw was found in the way xserver memory was not properly initialized.
local
low complexity
x-org debian canonical
5.5
2020-07-29 CVE-2020-16135 NULL Pointer Dereference vulnerability in multiple products
libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.
5.9
2020-07-29 CVE-2020-16117 NULL Pointer Dereference vulnerability in multiple products
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt.
network
high complexity
gnome debian CWE-476
5.9
2020-07-29 CVE-2020-15707 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow.
6.4
2020-07-29 CVE-2020-15706 Use After Free vulnerability in multiple products
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass.
6.4
2020-07-29 CVE-2020-15705 Improper Verification of Cryptographic Signature vulnerability in multiple products
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed.
6.4
2020-07-28 CVE-2020-15863 Out-of-bounds Write vulnerability in multiple products
hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow.
local
high complexity
qemu debian canonical CWE-787
5.3