High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-22	CVE-2020-27670	Insufficient Verification of Data Authenticity vulnerability in multiple products An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated. local high complexity xen opensuse fedoraproject debian CWE-345	7.8
2020-10-22	CVE-2020-27638	Reachable Assertion vulnerability in multiple products receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code. network low complexity fastd-project debian fedoraproject CWE-617	7.5
2020-10-20	CVE-2020-25648	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. network low complexity mozilla redhat fedoraproject oracle CWE-770	7.5
2020-10-19	CVE-2020-24388	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the _send_secure_msg() function of yubihsm-shell through 2.0.2. network low complexity yubico fedoraproject CWE-787	7.5
2020-10-19	CVE-2020-24387	Out-of-bounds Write vulnerability in multiple products An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. network low complexity yubico fedoraproject CWE-787	7.5
2020-10-19	CVE-2020-24266	Out-of-bounds Write vulnerability in multiple products An issue was discovered in tcpreplay tcpprep v4.3.3. network low complexity broadcom fedoraproject CWE-787	7.5
2020-10-19	CVE-2020-24265	Out-of-bounds Write vulnerability in multiple products An issue was discovered in tcpreplay tcpprep v4.3.3. network low complexity broadcom fedoraproject CWE-787	7.5
2020-10-16	CVE-2020-9983	Out-of-bounds Write vulnerability in multiple products An out-of-bounds write issue was addressed with improved bounds checking. network low complexity apple fedoraproject CWE-787	8.8
2020-10-07	CVE-2020-26880	Improper Privilege Management vulnerability in multiple products Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable. local low complexity sympa fedoraproject debian CWE-269	7.8
2020-10-06	CVE-2020-26575	Infinite Loop vulnerability in multiple products In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. network low complexity wireshark fedoraproject debian oracle CWE-835	7.5