| 2020-05-29 | CVE-2020-11017 | In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. | 6.5 |
| 2020-05-28 | CVE-2020-11082 | In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. | 6.1 |
| 2020-05-28 | CVE-2019-20807 | OS Command Injection vulnerability in multiple products
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). | 5.3 |
| 2020-05-27 | CVE-2020-13632 | NULL Pointer Dereference vulnerability in multiple products
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. | 5.5 |
| 2020-05-27 | CVE-2020-13253 | Out-of-bounds Read vulnerability in multiple products
sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. | 5.5 |
| 2020-05-26 | CVE-2020-3812 | Improper Privilege Management vulnerability in multiple products
qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. | 5.5 |
| 2020-05-24 | CVE-2020-13434 | Integer Overflow or Wraparound vulnerability in multiple products
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. | 5.5 |
| 2020-05-22 | CVE-2020-13397 | Out-of-bounds Read vulnerability in multiple products
An issue was discovered in FreeRDP before 2.1.1. | 5.5 |
| 2020-05-22 | CVE-2020-10711 | NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. | 5.9 |
| 2020-05-21 | CVE-2020-6491 | Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name. | 6.5 |