Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-20	CVE-2020-11078	CRLF Injection vulnerability in multiple products In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. network high complexity httplib2-project fedoraproject debian CWE-93	6.8
2020-05-20	CVE-2020-13231	Cross-Site Request Forgery (CSRF) vulnerability in multiple products In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change. network low complexity cacti fedoraproject CWE-352	6.5
2020-05-20	CVE-2020-13230	Improper Preservation of Permissions vulnerability in multiple products In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs). network low complexity cacti debian fedoraproject CWE-281	4.3
2020-05-20	CVE-2020-10726	Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in DPDK versions 19.11 and above. local low complexity dpdk fedoraproject opensuse oracle CWE-190	4.4
2020-05-19	CVE-2020-10724	Out-of-bounds Read vulnerability in multiple products A vulnerability was found in DPDK versions 18.11 and above. local low complexity dpdk canonical fedoraproject CWE-125	4.4
2020-05-19	CVE-2020-10723	Integer Overflow or Wraparound vulnerability in multiple products A memory corruption issue was found in DPDK versions 17.05 and above. local low complexity dpdk canonical fedoraproject opensuse oracle CWE-190	6.7
2020-05-19	CVE-2020-10722	Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in DPDK versions 18.05 and above. local low complexity dpdk canonical fedoraproject opensuse oracle CWE-190	6.7
2020-05-19	CVE-2020-8617	Reachable Assertion vulnerability in multiple products Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. network high complexity isc debian fedoraproject opensuse canonical CWE-617	5.9
2020-05-15	CVE-2020-12888	Improper Handling of Exceptional Conditions vulnerability in multiple products The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. local high complexity linux fedoraproject opensuse debian canonical netapp CWE-755	5.3
2020-05-15	CVE-2020-3810	Out-of-bounds Read vulnerability in multiple products Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. local low complexity debian fedoraproject canonical CWE-125	5.5