High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-29	CVE-2020-11884	Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. local high complexity linux canonical debian fedoraproject netapp CWE-362	7.0
2020-04-28	CVE-2020-10663	Improper Input Validation vulnerability in multiple products The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. network low complexity json-project fedoraproject opensuse debian apple CWE-20	7.5
2020-04-27	CVE-2020-12268	Out-of-bounds Write vulnerability in multiple products jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow. network low complexity artifex debian opensuse CWE-787	7.5
2020-04-23	CVE-2019-20788	Integer Overflow or Wraparound vulnerability in multiple products libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. network low complexity libvnc-project canonical debian siemens CWE-190	7.5
2020-04-22	CVE-2020-12066	Improper Input Validation vulnerability in multiple products CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server. network low complexity teeworlds opensuse fedoraproject debian canonical CWE-20	7.5
2020-04-21	CVE-2020-11008	Insufficiently Protected Credentials vulnerability in multiple products Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. network low complexity git-scm debian canonical fedoraproject CWE-522	7.5
2020-04-21	CVE-2020-1967	NULL Pointer Dereference vulnerability in multiple products Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. network low complexity openssl debian freebsd fedoraproject oracle netapp broadcom opensuse jdedwards tenable CWE-476	7.5
2020-04-15	CVE-2019-12519	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid through 4.7. network low complexity squid-cache debian canonical opensuse CWE-787	7.5
2020-04-15	CVE-2019-12524	Missing Authentication for Critical Function vulnerability in multiple products An issue was discovered in Squid through 4.7. network low complexity squid-cache debian canonical CWE-306	7.5
2020-04-15	CVE-2020-11729	Session Fixation vulnerability in multiple products An issue was discovered in DAViCal Andrew's Web Libraries (AWL) through 0.60. network low complexity davical debian CWE-384	7.5