High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-02	CVE-2020-28033	WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed. network low complexity wordpress fedoraproject debian	7.5
2020-11-02	CVE-2020-28030	Infinite Loop vulnerability in multiple products In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. network low complexity wireshark debian fedoraproject CWE-835	7.5
2020-10-27	CVE-2020-15238	Argument Injection or Modification vulnerability in multiple products Blueman is a GTK+ Bluetooth Manager. local high complexity blueman-project debian fedoraproject CWE-88	7.0
2020-10-23	CVE-2020-27216	In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. local high complexity eclipse netapp oracle apache debian	7.0
2020-10-22	CVE-2020-27672	Use After Free vulnerability in multiple products An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages. local high complexity xen fedoraproject opensuse debian CWE-416	7.0
2020-10-22	CVE-2020-27671	An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled. local high complexity xen opensuse debian fedoraproject	7.8
2020-10-22	CVE-2020-27670	Insufficient Verification of Data Authenticity vulnerability in multiple products An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated. local high complexity xen opensuse fedoraproject debian CWE-345	7.8
2020-10-22	CVE-2020-15683	Use After Free vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. network low complexity mozilla debian opensuse CWE-416	7.5
2020-10-22	CVE-2020-27638	Reachable Assertion vulnerability in multiple products receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code. network low complexity fastd-project debian fedoraproject CWE-617	7.5
2020-10-15	CVE-2020-27153	Double Free vulnerability in multiple products In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. network low complexity bluez debian opensuse CWE-415	7.5