High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-22	CVE-2020-27671	An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled. local high complexity xen opensuse debian fedoraproject	7.8
2020-10-22	CVE-2020-27670	Insufficient Verification of Data Authenticity vulnerability in multiple products An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated. local high complexity xen opensuse fedoraproject debian CWE-345	7.8
2020-10-22	CVE-2020-15683	Use After Free vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. network low complexity mozilla debian opensuse CWE-416	7.5
2020-10-22	CVE-2020-27638	Reachable Assertion vulnerability in multiple products receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code. network low complexity fastd-project debian fedoraproject CWE-617	7.5
2020-10-15	CVE-2020-27153	Double Free vulnerability in multiple products In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. network low complexity bluez debian opensuse CWE-415	7.5
2020-10-14	CVE-2020-0423	Improper Locking vulnerability in multiple products In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. local low complexity google debian CWE-667	7.2
2020-10-07	CVE-2020-26880	Improper Privilege Management vulnerability in multiple products Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable. local low complexity sympa fedoraproject debian CWE-269	7.8
2020-10-07	CVE-2020-11800	Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code. network low complexity zabbix opensuse debian	7.5
2020-10-06	CVE-2020-26575	Infinite Loop vulnerability in multiple products In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. network low complexity wireshark fedoraproject debian oracle CWE-835	7.5
2020-10-06	CVE-2020-25863	In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. network low complexity wireshark fedoraproject opensuse debian oracle	7.5