High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-16	CVE-2020-14393	Out-of-bounds Write vulnerability in multiple products A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. local low complexity perl opensuse debian fedoraproject CWE-787	7.1
2020-09-16	CVE-2020-14386	Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel before 5.9-rc4. local low complexity linux debian fedoraproject opensuse CWE-787	7.8
2020-09-14	CVE-2020-24660	Forced Browsing vulnerability in multiple products An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. network low complexity lemonldap-ng debian CWE-425	7.5
2020-09-11	CVE-2020-15166	Resource Exhaustion vulnerability in multiple products In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. network low complexity zeromq fedoraproject debian CWE-400	7.5
2020-09-09	CVE-2020-25219	Uncontrolled Recursion vulnerability in multiple products url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. network low complexity libproxy-project debian fedoraproject opensuse canonical CWE-674	7.5
2020-09-04	CVE-2019-20916	Path Traversal vulnerability in multiple products The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. network low complexity pypa opensuse debian oracle CWE-22	7.5
2020-09-03	CVE-2020-7729	Insecure Default Initialization of Resource vulnerability in multiple products The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML. network high complexity gruntjs debian canonical CWE-1188	7.1
2020-08-26	CVE-2019-14904	Improper Input Validation vulnerability in multiple products A flaw was found in the solaris_zone module from the Ansible Community modules. local low complexity redhat debian CWE-20	7.3
2020-08-25	CVE-2020-24616	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). network high complexity fasterxml netapp oracle debian CWE-502	8.1
2020-08-24	CVE-2020-24606	Improper Locking vulnerability in multiple products Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. network low complexity squid-cache canonical debian fedoraproject opensuse CWE-667	7.5