High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-01	CVE-2020-24583	Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). network low complexity djangoproject canonical fedoraproject oracle CWE-276	7.5
2020-08-30	CVE-2020-14352	Path Traversal vulnerability in multiple products A flaw was found in librepo in versions before 1.12.1. network low complexity redhat opensuse fedoraproject CWE-22	8.0
2020-08-29	CVE-2020-24972	Improper Encoding or Escaping of Output vulnerability in multiple products The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. network low complexity kleopatra-project fedoraproject opensuse CWE-116	8.8
2020-08-25	CVE-2020-24614	Missing Authorization vulnerability in multiple products Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. network low complexity fossil-scm fedoraproject opensuse CWE-862	8.8
2020-08-24	CVE-2020-24606	Improper Locking vulnerability in multiple products Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. network low complexity squid-cache canonical debian fedoraproject opensuse CWE-667	7.5
2020-08-21	CVE-2020-8623	Reachable Assertion vulnerability in multiple products In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. network low complexity isc fedoraproject opensuse debian canonical synology netapp CWE-617	7.5
2020-08-17	CVE-2020-1597	A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. network low complexity microsoft fedoraproject	7.5
2020-08-13	CVE-2020-24342	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row. local low complexity lua fedoraproject CWE-119	7.8
2020-08-13	CVE-2020-24331	Improper Privilege Management vulnerability in multiple products An issue was discovered in TrouSerS through 0.3.14. local low complexity trousers-project fedoraproject CWE-269	7.8
2020-08-13	CVE-2020-24330	Improper Privilege Management vulnerability in multiple products An issue was discovered in TrouSerS through 0.3.14. local low complexity trousers-project fedoraproject CWE-269	7.8