Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-19	CVE-2019-20485	Improper Input Validation vulnerability in multiple products qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage). low complexity redhat debian fedoraproject CWE-20	5.7
2020-03-18	CVE-2019-12921	Command Injection vulnerability in multiple products In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read arbitrary files via a crafted image because of TranslateTextEx for SVG. network low complexity graphicsmagick debian opensuse CWE-77	6.5
2020-03-16	CVE-2020-1740	A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. local high complexity redhat debian fedoraproject	4.7
2020-03-16	CVE-2020-1735	A flaw was found in the Ansible Engine when the fetch module is used. local low complexity redhat debian fedoraproject	4.6
2020-03-16	CVE-2020-1753	A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. local low complexity redhat debian fedoraproject	5.5
2020-03-11	CVE-2020-1733	Race Condition vulnerability in multiple products A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. local high complexity redhat fedoraproject debian CWE-362	5.0
2020-03-10	CVE-2012-1096	Improper Certificate Validation vulnerability in multiple products NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection. local low complexity gnome debian CWE-295	5.5
2020-03-06	CVE-2019-20503	Out-of-bounds Read vulnerability in multiple products usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init. network low complexity usrsctp-project debian canonical CWE-125	6.5
2020-03-04	CVE-2020-10029	Out-of-bounds Write vulnerability in multiple products The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. local low complexity gnu fedoraproject canonical opensuse netapp debian CWE-787	5.5
2020-02-27	CVE-2020-7063	Improper Preservation of Permissions vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. network low complexity php tenable debian opensuse CWE-281	5.3