High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-15	CVE-2020-35381	jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a GET call. network low complexity jsonparser-project fedoraproject	7.5
2020-12-15	CVE-2020-29481	Improper Privilege Management vulnerability in multiple products An issue was discovered in Xen through 4.14.x. local low complexity xen debian fedoraproject CWE-269	8.8
2020-12-15	CVE-2020-29479	Missing Authorization vulnerability in multiple products An issue was discovered in Xen through 4.14.x. local low complexity xen debian fedoraproject CWE-862	8.8
2020-12-14	CVE-2020-8286	Improper Certificate Validation vulnerability in multiple products curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. network low complexity haxx fedoraproject debian netapp apple siemens oracle splunk CWE-295	7.5
2020-12-14	CVE-2020-8285	Uncontrolled Recursion vulnerability in multiple products curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. network low complexity haxx debian fedoraproject netapp apple oracle fujitsu siemens splunk CWE-674	7.5
2020-12-11	CVE-2020-27828	There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. local low complexity jasper-project fedoraproject	7.8
2020-12-09	CVE-2020-29661	Improper Locking vulnerability in multiple products A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. local low complexity linux fedoraproject debian netapp broadcom oracle CWE-667	7.8
2020-12-09	CVE-2020-29651	A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality. network low complexity pytest fedoraproject oracle	7.5
2020-12-08	CVE-2020-27918	Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. local low complexity apple fedoraproject debian webkitgtk CWE-416	7.8
2020-12-03	CVE-2020-25693	A flaw was found in CImg in versions prior to 2.9.3. network low complexity cimg fedoraproject	8.1