Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-10	CVE-2020-1765	An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. network low complexity otrs debian opensuse	5.3
2020-01-08	CVE-2019-17023	Improper Authentication vulnerability in multiple products After a HelloRetryRequest has been sent, the client may negotiate a lower protocol that TLS 1.3, resulting in an invalid state transition in the TLS State Machine. network low complexity mozilla canonical debian CWE-287	6.5
2020-01-08	CVE-2019-17022	Cross-site Scripting vulnerability in multiple products When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer does not escape < and > characters. network low complexity mozilla canonical debian redhat CWE-79	6.1
2020-01-08	CVE-2019-17016	Cross-site Scripting vulnerability in multiple products When pasting a <style> tag from the clipboard into a rich text editor, the CSS sanitizer incorrectly rewrites a @namespace rule. network low complexity mozilla debian canonical redhat CWE-79	6.1
2020-01-08	CVE-2020-0009	Incorrect Default Permissions vulnerability in multiple products In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. local low complexity google debian CWE-276	5.5
2020-01-08	CVE-2019-5188	Out-of-bounds Write vulnerability in multiple products A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. local low complexity e2fsprogs-project fedoraproject debian canonical opensuse netapp CWE-787	6.7
2020-01-06	CVE-2019-18179	An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. network low complexity otrs debian opensuse	4.3
2020-01-02	CVE-2014-6275	Information Exposure vulnerability in multiple products FusionForge before 5.3.2 use scripts that run under the shared Apache user, which is also used by project homepages by default. network high complexity fusionforge debian CWE-200	5.9
2020-01-02	CVE-2019-14864	Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. network low complexity redhat debian opensuse	6.5
2020-01-02	CVE-2019-20208	Out-of-bounds Write vulnerability in multiple products dimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a stack-based buffer overflow. local low complexity gpac debian CWE-787	5.5