High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-07	CVE-2020-15567	Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. local high complexity xen debian opensuse fedoraproject CWE-362	7.8
2020-07-07	CVE-2020-15565	Resource Exhaustion vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. local low complexity xen debian fedoraproject opensuse CWE-400	8.8
2020-07-06	CVE-2020-14303	Excessive Iteration vulnerability in multiple products A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. network low complexity samba fedoraproject opensuse debian canonical CWE-834	7.5
2020-07-05	CVE-2020-15466	Infinite Loop vulnerability in multiple products In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. network low complexity wireshark opensuse debian CWE-835	7.5
2020-07-02	CVE-2020-8161	Path Traversal vulnerability in multiple products A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure. network low complexity rack-project debian canonical CWE-22	8.6
2020-07-02	CVE-2020-15503	Improper Input Validation vulnerability in multiple products LibRaw before 0.20-RC1 lacks a thumbnail size range check. network low complexity libraw fedoraproject debian CWE-20	7.5
2020-06-29	CVE-2020-4067	Improper Initialization vulnerability in multiple products In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. network low complexity coturn-project debian fedoraproject canonical opensuse CWE-665	7.5
2020-06-26	CVE-2020-11996	A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. network low complexity apache canonical oracle opensuse debian netapp	7.5
2020-06-24	CVE-2020-12865	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. low complexity sane-project debian canonical opensuse CWE-787	8.0
2020-06-22	CVE-2020-4031	Use After Free vulnerability in multiple products In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. network low complexity freerdp fedoraproject opensuse canonical debian CWE-416	7.5