High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-04	CVE-2020-13777	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). network high complexity gnu fedoraproject canonical debian CWE-327	7.4
2020-06-03	CVE-2020-11080	Improper Enforcement of Message or Data Structure vulnerability in multiple products In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. network low complexity nghttp2 debian opensuse fedoraproject oracle nodejs CWE-707	7.5
2020-06-02	CVE-2020-7663	websocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) via Regex Backtracking. network low complexity websocket-extensions-project debian canonical	7.5
2020-05-27	CVE-2020-10936	Improper Privilege Management vulnerability in multiple products Sympa before 6.2.56 allows privilege escalation. local low complexity sympa fedoraproject debian canonical CWE-269	7.8
2020-05-27	CVE-2020-13630	Use After Free vulnerability in multiple products ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. local high complexity sqlite fedoraproject canonical netapp brocade debian siemens apple oracle CWE-416	7.0
2020-05-26	CVE-2020-6831	Classic Buffer Overflow vulnerability in multiple products A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. network low complexity mozilla canonical debian opensuse CWE-120	7.5
2020-05-22	CVE-2020-13398	Out-of-bounds Write vulnerability in multiple products An issue was discovered in FreeRDP before 2.1.1. network low complexity freerdp debian opensuse canonical CWE-787	8.3
2020-05-22	CVE-2020-13396	Out-of-bounds Read vulnerability in multiple products An issue was discovered in FreeRDP before 2.1.1. network low complexity freerdp debian opensuse canonical CWE-125	7.1
2020-05-22	CVE-2020-11077	HTTP Request Smuggling vulnerability in multiple products In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. network low complexity puma fedoraproject debian opensuse CWE-444	7.5
2020-05-22	CVE-2020-11076	HTTP Request Smuggling vulnerability in multiple products In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. network low complexity puma fedoraproject debian CWE-444	7.5