High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-19	CVE-2020-12244	Improper Verification of Cryptographic Signature vulnerability in multiple products An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation. network low complexity powerdns fedoraproject debian opensuse CWE-347	7.5
2020-05-15	CVE-2018-10756	Use After Free vulnerability in multiple products Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file. local low complexity transmissionbt debian fedoraproject CWE-416	7.8
2020-05-13	CVE-2020-3341	Improper Input Validation vulnerability in multiple products A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity cisco canonical fedoraproject debian CWE-20	7.5
2020-05-13	CVE-2020-3327	Improper Input Validation vulnerability in multiple products A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity cisco debian fedoraproject canonical CWE-20	7.5
2020-05-12	CVE-2020-8156	Improper Certificate Validation vulnerability in multiple products A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack. network high complexity nextcloud fedoraproject CWE-295	7.0
2020-05-12	CVE-2020-8153	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when when renaming an accessible item to the same name. network low complexity nextcloud fedoraproject CWE-732	8.1
2020-05-12	CVE-2020-8151	Incorrect Authorization vulnerability in multiple products There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information. network low complexity rubyonrails fedoraproject CWE-863	7.5
2020-05-11	CVE-2020-11866	Use After Free vulnerability in multiple products libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free. local low complexity libemf-project opensuse fedoraproject CWE-416	7.8
2020-05-11	CVE-2020-11865	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access. local low complexity libemf-project opensuse fedoraproject CWE-119	7.8
2020-05-11	CVE-2020-12783	Out-of-bounds Read vulnerability in multiple products Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. network low complexity exim fedoraproject debian canonical CWE-125	7.5