High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-10	CVE-2020-0034	Out-of-bounds Read vulnerability in multiple products In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. network low complexity google debian CWE-125	7.8
2020-03-10	CVE-2020-5258	Code Injection vulnerability in multiple products In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. network high complexity linuxfoundation debian oracle CWE-94	7.7
2020-03-05	CVE-2020-9402	SQL Injection vulnerability in multiple products Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. network low complexity djangoproject debian fedoraproject netapp canonical CWE-89	8.8
2020-03-04	CVE-2020-8659	Allocation of Resources Without Limits or Throttling vulnerability in multiple products CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. network low complexity cncf redhat debian CWE-770	7.5
2020-03-02	CVE-2020-9549	Out-of-bounds Write vulnerability in multiple products In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document. local low complexity pdfresurrect-project debian CWE-787	7.8
2020-02-28	CVE-2020-5247	HTTP Response Splitting vulnerability in multiple products In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. network low complexity ruby-lang puma debian fedoraproject CWE-113	7.5
2020-02-27	CVE-2020-9431	Memory Leak vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. network low complexity wireshark opensuse fedoraproject debian CWE-401	7.5
2020-02-27	CVE-2020-9430	Improper Input Validation vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. network low complexity wireshark fedoraproject opensuse debian CWE-20	7.5
2020-02-27	CVE-2020-9428	Out-of-bounds Read vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. network low complexity wireshark debian fedoraproject opensuse CWE-125	7.5
2020-02-27	CVE-2020-6418	Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject redhat debian CWE-843	8.8