High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-07	CVE-2020-15567	Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. local high complexity xen debian opensuse fedoraproject CWE-362	7.8
2020-07-07	CVE-2020-15565	Resource Exhaustion vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. local low complexity xen debian fedoraproject opensuse CWE-400	8.8
2020-07-06	CVE-2020-14303	Excessive Iteration vulnerability in multiple products A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. network low complexity samba fedoraproject opensuse debian canonical CWE-834	7.5
2020-07-02	CVE-2020-15503	Improper Input Validation vulnerability in multiple products LibRaw before 0.20-RC1 lacks a thumbnail size range check. network low complexity libraw fedoraproject debian CWE-20	7.5
2020-06-30	CVE-2020-14058	An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. network low complexity squid-cache fedoraproject netapp	7.5
2020-06-30	CVE-2020-15049	HTTP Request Smuggling vulnerability in multiple products An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. network low complexity squid-cache fedoraproject CWE-444	8.8
2020-06-30	CVE-2020-15396	Race Condition vulnerability in multiple products In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. local low complexity hylafax-project ifax fedoraproject opensuse CWE-362	7.8
2020-06-30	CVE-2020-15395	Out-of-bounds Read vulnerability in multiple products In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing). local low complexity mediaarea fedoraproject CWE-125	7.8
2020-06-29	CVE-2020-4067	In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. network low complexity coturn-project debian fedoraproject canonical opensuse	7.5
2020-06-25	CVE-2020-11538	Out-of-bounds Read vulnerability in multiple products In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311. network high complexity python fedoraproject canonical CWE-125	8.1