High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-09	CVE-2020-12762	Integer Overflow or Wraparound vulnerability in multiple products json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. local low complexity json-c fedoraproject debian canonical siemens CWE-190	7.8
2020-05-06	CVE-2020-10704	Uncontrolled Recursion vulnerability in multiple products A flaw was found when using samba as an Active Directory Domain Controller. network low complexity samba fedoraproject opensuse debian CWE-674	7.5
2020-05-05	CVE-2020-11033	Information Exposure vulnerability in multiple products In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User. network low complexity glpi-project fedoraproject CWE-200	7.2
2020-04-30	CVE-2020-12050	Race Condition vulnerability in multiple products SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library. local high complexity fedoraproject opensuse sqliteodbc-project CWE-362	7.0
2020-04-29	CVE-2020-11884	Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. local high complexity linux canonical debian fedoraproject netapp CWE-362	7.0
2020-04-28	CVE-2020-10663	Improper Input Validation vulnerability in multiple products The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. network low complexity json-project fedoraproject opensuse debian apple CWE-20	7.5
2020-04-22	CVE-2020-12066	Improper Input Validation vulnerability in multiple products CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server. network low complexity teeworlds opensuse fedoraproject debian canonical CWE-20	7.5
2020-04-21	CVE-2020-11008	Insufficiently Protected Credentials vulnerability in multiple products Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. network low complexity git-scm debian canonical fedoraproject CWE-522	7.5
2020-04-21	CVE-2020-1967	NULL Pointer Dereference vulnerability in multiple products Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. network low complexity openssl debian freebsd fedoraproject oracle netapp broadcom opensuse jdedwards tenable CWE-476	7.5
2020-04-17	CVE-2020-0081	Double Free vulnerability in multiple products In finalize of AssetManager.java, there is possible memory corruption due to a double free. local low complexity google fedoraproject CWE-415	7.8