Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-20	CVE-2020-4788	IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. local high complexity ibm fedoraproject oracle	4.7
2020-11-19	CVE-2020-28941	Release of Invalid Pointer or Reference vulnerability in multiple products An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. local low complexity linux fedoraproject debian CWE-763	5.5
2020-11-19	CVE-2020-25703	Information Exposure vulnerability in multiple products The participants table download in Moodle always included user emails, but should have only done so when users' emails are not hidden. network low complexity moodle fedoraproject CWE-200	5.3
2020-11-19	CVE-2020-25702	Cross-site Scripting vulnerability in multiple products In Moodle, it was possible to include JavaScript when re-naming content bank items. network low complexity moodle fedoraproject CWE-79	6.1
2020-11-19	CVE-2020-25701	Incorrect Authorization vulnerability in multiple products If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. network low complexity moodle fedoraproject CWE-863	5.3
2020-11-19	CVE-2020-25700	SQL Injection vulnerability in multiple products In moodle, some database module web services allowed students to add entries within groups they did not belong to. network low complexity moodle fedoraproject CWE-89	6.5
2020-11-12	CVE-2020-8698	Exposure of Resource to Wrong Sphere vulnerability in multiple products Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity intel netapp fedoraproject debian siemens CWE-668	5.5
2020-11-12	CVE-2020-8696	Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity intel netapp fedoraproject debian CWE-212	5.5
2020-11-12	CVE-2020-8695	Information Exposure Through Discrepancy vulnerability in multiple products Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. local low complexity intel fedoraproject debian CWE-203	5.5
2020-11-12	CVE-2020-25658	Covert Timing Channel vulnerability in multiple products It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. network high complexity python-rsa-project redhat fedoraproject CWE-385	5.9