High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-21	CVE-2020-15866	Out-of-bounds Write vulnerability in multiple products mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling. network low complexity mruby debian CWE-787	7.5
2020-07-20	CVE-2020-3481	NULL Pointer Dereference vulnerability in multiple products A vulnerability in the EGG archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.0 - 0.102.3 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity clamav debian canonical fedoraproject CWE-476	7.5
2020-07-15	CVE-2020-14593	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). network low complexity oracle fedoraproject canonical debian opensuse netapp	7.4
2020-07-15	CVE-2020-14583	Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). network high complexity oracle fedoraproject canonical debian opensuse netapp	8.3
2020-07-15	CVE-2019-17637	XXE vulnerability in multiple products In all versions of Eclipse Web Tools Platform through release 3.18 (2020-06), XML and DTD files referring to external entities could be exploited to send the contents of local files to a remote server when edited or validated, even when external entity resolution is disabled in the user preferences. local low complexity eclipse debian CWE-611	7.1
2020-07-14	CVE-2020-13935	Infinite Loop vulnerability in multiple products The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. network low complexity apache debian netapp opensuse canonical mcafee oracle CWE-835	7.5
2020-07-14	CVE-2020-13934	Memory Leak vulnerability in multiple products An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. network low complexity apache debian netapp opensuse canonical oracle CWE-401	7.5
2020-07-13	CVE-2019-20907	Infinite Loop vulnerability in multiple products In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. network low complexity python opensuse debian fedoraproject canonical netapp oracle CWE-835	7.5
2020-07-10	CVE-2020-11061	Heap-based Buffer Overflow vulnerability in multiple products In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. network low complexity bareos debian CWE-122	7.4
2020-07-07	CVE-2020-10745	Resource Exhaustion vulnerability in multiple products A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. network low complexity samba fedoraproject opensuse debian CWE-400	7.5