High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-24	CVE-2020-14350	Untrusted Search Path vulnerability in multiple products It was found that some PostgreSQL extensions did not use search_path safely in their installation script. local low complexity postgresql debian opensuse canonical CWE-426	7.3
2020-08-21	CVE-2020-8623	Reachable Assertion vulnerability in multiple products In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. network low complexity isc fedoraproject opensuse debian canonical synology netapp CWE-617	7.5
2020-08-19	CVE-2020-24368	Path Traversal vulnerability in multiple products Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. network low complexity icinga debian suse CWE-22	7.5
2020-08-19	CVE-2020-14356	NULL Pointer Dereference vulnerability in multiple products A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. local low complexity linux redhat opensuse debian canonical netapp CWE-476	7.8
2020-08-17	CVE-2020-13933	Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted HTTP request may cause an authentication bypass. network low complexity apache debian	7.5
2020-08-13	CVE-2020-16303	Use After Free vulnerability in multiple products A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. local low complexity artifex debian canonical CWE-416	7.8
2020-08-12	CVE-2020-12674	Out-of-bounds Read vulnerability in multiple products In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled. network low complexity dovecot debian canonical fedoraproject CWE-125	7.5
2020-08-12	CVE-2020-12673	Out-of-bounds Read vulnerability in multiple products In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read. network low complexity dovecot debian canonical fedoraproject CWE-125	7.5
2020-08-12	CVE-2020-12100	Uncontrolled Recursion vulnerability in multiple products In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts. network low complexity dovecot debian fedoraproject canonical CWE-674	7.5
2020-08-11	CVE-2020-0256	Out-of-bounds Write vulnerability in multiple products In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. local low complexity google debian CWE-787	7.2