High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-27	CVE-2020-1772	It's possible to craft Lost Password requests with wildcards in the Token value, which allows attacker to retrieve valid Token(s), generated by users which already requested new passwords. network low complexity otrs opensuse debian	7.5
2020-03-26	CVE-2020-10969	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane. network low complexity fasterxml debian netapp oracle CWE-502	8.8
2020-03-26	CVE-2020-10968	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). network low complexity fasterxml debian netapp oracle CWE-502	8.8
2020-03-24	CVE-2020-6078	Unchecked Return Value vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. network low complexity videolabs debian CWE-252	7.5
2020-03-24	CVE-2020-6072	Double Free vulnerability in multiple products An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs libmicrodns 0.1.0. network low complexity videolabs debian CWE-415	7.5
2020-03-24	CVE-2020-10938	Integer Overflow or Wraparound vulnerability in multiple products GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. network low complexity graphicsmagick debian opensuse CWE-190	7.5
2020-03-24	CVE-2020-10684	Missing Authorization vulnerability in multiple products A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. local low complexity redhat debian fedoraproject CWE-862	7.1
2020-03-23	CVE-2020-9760	Classic Buffer Overflow vulnerability in multiple products An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). network low complexity weechat debian CWE-120	7.5
2020-03-23	CVE-2020-6449	Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse CWE-416	8.8
2020-03-23	CVE-2020-6429	Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse CWE-787	8.8