High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-07	CVE-2020-11993	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. network low complexity apache netapp canonical opensuse debian fedoraproject oracle CWE-444	7.5
2020-08-06	CVE-2020-15114	Missing Release of Resource after Effective Lifetime vulnerability in multiple products In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. network low complexity redhat fedoraproject CWE-772	7.7
2020-08-06	CVE-2020-15115	Weak Password Requirements vulnerability in multiple products etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. network low complexity redhat fedoraproject CWE-521	7.5
2020-08-06	CVE-2020-16845	Infinite Loop vulnerability in multiple products Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. network low complexity golang opensuse debian fedoraproject CWE-835	7.5
2020-08-05	CVE-2020-15113	Improper Preservation of Permissions vulnerability in multiple products In etcd before versions 3.3.23 and 3.4.10, certain directory paths are created (etcd data directory and the directory path when provided to automatically generate self-signed certificates for TLS connections with clients) with restricted access permissions (700) by using the os.MkdirAll. local low complexity etcd fedoraproject CWE-281	7.1
2020-07-28	CVE-2020-16094	Uncontrolled Recursion vulnerability in multiple products In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree. network low complexity claws-mail fedoraproject CWE-674	7.5
2020-07-27	CVE-2020-15953	Injection vulnerability in multiple products LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. network high complexity libetpan-project libmailcore fedoraproject debian CWE-74	7.4
2020-07-22	CVE-2020-6534	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-787	8.8
2020-07-22	CVE-2020-6533	Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-843	8.8
2020-07-22	CVE-2020-6530	Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. network low complexity google opensuse fedoraproject debian CWE-787	8.8