High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-17	CVE-2020-14040	Infinite Loop vulnerability in multiple products The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. network low complexity golang fedoraproject CWE-835	7.5
2020-06-17	CVE-2020-14295	SQL Injection vulnerability in multiple products A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter. network low complexity cacti fedoraproject CWE-89	7.2
2020-06-15	CVE-2020-14148	Out-of-bounds Read vulnerability in multiple products The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function. network low complexity barton debian fedoraproject CWE-125	7.5
2020-06-11	CVE-2020-0198	Integer Overflow or Wraparound vulnerability in multiple products In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. network low complexity google debian canonical fedoraproject libexif-project CWE-190	7.5
2020-06-11	CVE-2020-0181	Integer Overflow or Wraparound vulnerability in multiple products In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. network low complexity google fedoraproject libexif-project CWE-190	7.5
2020-06-10	CVE-2020-2026	Link Following vulnerability in multiple products A malicious guest compromised before a container creation (e.g. local low complexity katacontainers fedoraproject CWE-59	8.8
2020-06-09	CVE-2020-10757	Type Confusion vulnerability in multiple products A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. local low complexity linux opensuse redhat fedoraproject debian canonical netapp CWE-843	7.8
2020-06-09	CVE-2020-13962	Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. network low complexity mumble qt fedoraproject opensuse	7.5
2020-06-08	CVE-2020-13625	Improper Encoding or Escaping of Output vulnerability in multiple products PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. network low complexity phpmailer-project fedoraproject canonical debian CWE-116	7.5
2020-06-08	CVE-2020-12695	Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. network high complexity ui w1-fi asus broadcom canon cisco dlink dell epson hp huawei nec netgear ruckussecurity tp-link zte zyxel microsoft fedoraproject debian canonical CWE-276	7.5