Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-23	CVE-2019-14562	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. local low complexity tianocore debian CWE-190	5.5
2020-11-20	CVE-2020-20739	Missing Initialization of Resource vulnerability in multiple products im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address. network low complexity libvips debian fedoraproject CWE-909	5.3
2020-11-20	CVE-2020-28974	Out-of-bounds Read vulnerability in multiple products A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. low complexity linux debian CWE-125	5.0
2020-11-19	CVE-2020-28941	Release of Invalid Pointer or Reference vulnerability in multiple products An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. local low complexity linux fedoraproject debian CWE-763	5.5
2020-11-18	CVE-2020-26215	Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. network low complexity jupyter debian	6.1
2020-11-12	CVE-2020-8698	Exposure of Resource to Wrong Sphere vulnerability in multiple products Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity intel netapp fedoraproject debian siemens CWE-668	5.5
2020-11-12	CVE-2020-8696	Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity intel netapp fedoraproject debian CWE-212	5.5
2020-11-12	CVE-2020-8695	Information Exposure Through Discrepancy vulnerability in multiple products Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. local low complexity intel fedoraproject debian CWE-203	5.5
2020-11-12	CVE-2020-25706	A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field network low complexity cacti debian	6.1
2020-11-10	CVE-2020-28368	Missing Authorization vulnerability in multiple products Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. local low complexity xen fedoraproject debian CWE-862	4.4