Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-21	CVE-2020-8624	Improper Privilege Management vulnerability in multiple products In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone. network low complexity isc debian canonical netapp fedoraproject opensuse CWE-269	4.3
2020-08-21	CVE-2020-8622	Reachable Assertion vulnerability in multiple products In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. network low complexity isc fedoraproject debian canonical netapp opensuse synology oracle CWE-617	6.5
2020-08-17	CVE-2020-24370	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31). network low complexity lua fedoraproject debian CWE-191	5.3
2020-08-13	CVE-2020-24332	Link Following vulnerability in multiple products An issue was discovered in TrouSerS through 0.3.14. local low complexity trustedcomputinggroup fedoraproject CWE-59	5.5
2020-08-13	CVE-2020-17498	Double Free vulnerability in multiple products In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. network low complexity wireshark fedoraproject opensuse oracle CWE-415	6.5
2020-08-12	CVE-2020-17507	Out-of-bounds Read vulnerability in multiple products An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. network low complexity qt debian fedoraproject CWE-125	5.3
2020-08-12	CVE-2020-16145	Cross-site Scripting vulnerability in multiple products Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. network low complexity roundcube fedoraproject CWE-79	6.1
2020-08-06	CVE-2020-15136	Missing Authentication for Critical Function vulnerability in multiple products In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. network high complexity redhat fedoraproject CWE-306	6.5
2020-08-05	CVE-2020-15112	Improper Validation of Array Index vulnerability in multiple products In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. network low complexity etcd fedoraproject CWE-129	6.5
2020-08-05	CVE-2020-15106	In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. network low complexity etcd fedoraproject	6.5