High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-06	CVE-2020-15115	etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. network low complexity redhat fedoraproject	7.5
2020-08-06	CVE-2020-16845	Infinite Loop vulnerability in multiple products Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. network low complexity golang opensuse debian fedoraproject CWE-835	7.5
2020-08-05	CVE-2020-15113	In etcd before versions 3.3.23 and 3.4.10, certain directory paths are created (etcd data directory and the directory path when provided to automatically generate self-signed certificates for TLS connections with clients) with restricted access permissions (700) by using the os.MkdirAll. local low complexity etcd fedoraproject	7.1
2020-07-28	CVE-2020-16094	Uncontrolled Recursion vulnerability in multiple products In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree. network low complexity claws-mail fedoraproject CWE-674	7.5
2020-07-27	CVE-2020-15953	Injection vulnerability in multiple products LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. network high complexity libetpan-project libmailcore fedoraproject debian CWE-74	7.4
2020-07-22	CVE-2020-6534	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-787	8.8
2020-07-22	CVE-2020-6533	Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse debian fedoraproject CWE-843	8.8
2020-07-22	CVE-2020-6530	Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. network low complexity google opensuse fedoraproject debian CWE-787	8.8
2020-07-22	CVE-2020-6525	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-787	8.8
2020-07-22	CVE-2020-6524	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-787	8.8