Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-16	CVE-2020-1740	Insecure Temporary File vulnerability in multiple products A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. local high complexity redhat debian fedoraproject CWE-377	4.7
2020-03-16	CVE-2020-1735	Path Traversal vulnerability in multiple products A flaw was found in the Ansible Engine when the fetch module is used. local low complexity redhat debian fedoraproject CWE-22	4.6
2020-03-16	CVE-2020-1753	Information Exposure Through Process Environment vulnerability in multiple products A security flaw was found in Ansible Engine, all Ansible 2.7.x versions prior to 2.7.17, all Ansible 2.8.x versions prior to 2.8.11 and all Ansible 2.9.x versions prior to 2.9.7, when managing kubernetes using the k8s module. local low complexity redhat debian fedoraproject CWE-214	5.5
2020-03-12	CVE-2020-0556	Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access low complexity bluez canonical debian opensuse	5.8
2020-03-11	CVE-2020-1733	Race Condition vulnerability in multiple products A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. local high complexity redhat fedoraproject debian CWE-362	5.0
2020-03-10	CVE-2012-1096	Improper Certificate Validation vulnerability in multiple products NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection. local low complexity gnome debian CWE-295	4.9
2020-03-06	CVE-2019-20503	Out-of-bounds Read vulnerability in multiple products usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init. network low complexity usrsctp-project debian canonical CWE-125	6.5
2020-03-04	CVE-2020-10029	Out-of-bounds Write vulnerability in multiple products The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. local low complexity gnu fedoraproject canonical opensuse netapp debian CWE-787	5.5
2020-02-28	CVE-2019-10064	Insufficient Entropy vulnerability in multiple products hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. network low complexity w1-fi debian CWE-331	5.0
2020-02-27	CVE-2020-7063	Improper Preservation of Permissions vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. network low complexity php tenable debian opensuse CWE-281	5.0