Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-15	CVE-2020-14556	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). network high complexity oracle fedoraproject opensuse debian canonical netapp	4.8
2020-07-09	CVE-2020-10756	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. local low complexity libslirp-project redhat canonical debian opensuse CWE-125	6.5
2020-07-09	CVE-2020-12402	Information Exposure Through Discrepancy vulnerability in multiple products During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. local high complexity mozilla opensuse fedoraproject debian CWE-203	4.4
2020-07-07	CVE-2020-10730	Use After Free vulnerability in multiple products A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. network low complexity samba redhat opensuse fedoraproject debian CWE-416	6.5
2020-07-07	CVE-2020-15566	Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a host OS crash because of incorrect error handling in event-channel port allocation. local low complexity xen debian CWE-754	6.5
2020-07-07	CVE-2020-15564	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOP_register_vcpu_info. local low complexity xen debian fedoraproject CWE-119	6.5
2020-07-07	CVE-2020-15563	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. local low complexity xen debian fedoraproject opensuse CWE-119	6.5
2020-07-06	CVE-2020-15569	Use After Free vulnerability in multiple products PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor. local low complexity milkytracker-project debian CWE-416	5.5
2020-07-06	CVE-2020-15562	Cross-site Scripting vulnerability in multiple products An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. network low complexity roundcube debian CWE-79	6.1
2020-07-02	CVE-2020-8166	Cross-Site Request Forgery (CSRF) vulnerability in multiple products A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token. network rubyonrails debian CWE-352	4.3