High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-13	CVE-2020-24342	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row. local low complexity lua fedoraproject CWE-119	7.8
2020-08-13	CVE-2020-24331	Improper Privilege Management vulnerability in multiple products An issue was discovered in TrouSerS through 0.3.14. local low complexity trousers-project fedoraproject CWE-269	7.8
2020-08-13	CVE-2020-24330	Improper Privilege Management vulnerability in multiple products An issue was discovered in TrouSerS through 0.3.14. local low complexity trousers-project fedoraproject CWE-269	7.8
2020-08-12	CVE-2020-12674	Out-of-bounds Read vulnerability in multiple products In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled. network low complexity dovecot debian canonical fedoraproject CWE-125	7.5
2020-08-12	CVE-2020-12673	Out-of-bounds Read vulnerability in multiple products In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read. network low complexity dovecot debian canonical fedoraproject CWE-125	7.5
2020-08-12	CVE-2020-12100	Uncontrolled Recursion vulnerability in multiple products In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts. network low complexity dovecot debian fedoraproject canonical CWE-674	7.5
2020-08-11	CVE-2020-17487	radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c. network low complexity radare fedoraproject	7.5
2020-08-11	CVE-2020-17367	Argument Injection or Modification vulnerability in multiple products Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection. local low complexity firejail-project debian fedoraproject opensuse CWE-88	7.8
2020-08-10	CVE-2020-6070	Incorrect Calculation of Buffer Size vulnerability in multiple products An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. local low complexity f2fs-tools-project fedoraproject CWE-131	7.8
2020-08-07	CVE-2020-9490	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43. network low complexity apache oracle opensuse debian fedoraproject canonical redhat CWE-444	7.5