High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-19	CVE-2020-13164	Uncontrolled Recursion vulnerability in multiple products In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. network low complexity wireshark debian opensuse fedoraproject CWE-674	7.5
2020-05-19	CVE-2020-10995	Resource Exhaustion vulnerability in multiple products PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. network low complexity powerdns fedoraproject debian opensuse CWE-400	7.5
2020-05-19	CVE-2020-1695	A flaw was found in all resteasy 3.x.x versions prior to 3.12.0.Final and all resteasy 4.x.x versions prior to 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. network low complexity redhat fedoraproject	7.5
2020-05-19	CVE-2020-12663	Infinite Loop vulnerability in multiple products Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers. network low complexity nlnetlabs debian opensuse canonical fedoraproject CWE-835	7.5
2020-05-19	CVE-2020-12662	Resource Exhaustion vulnerability in multiple products Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. network low complexity nlnetlabs debian opensuse canonical fedoraproject CWE-400	7.5
2020-05-19	CVE-2020-12244	Improper Verification of Cryptographic Signature vulnerability in multiple products An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation. network low complexity powerdns fedoraproject debian opensuse CWE-347	7.5
2020-05-15	CVE-2018-10756	Use After Free vulnerability in multiple products Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file. local low complexity transmissionbt debian fedoraproject CWE-416	7.8
2020-05-13	CVE-2020-3341	Improper Input Validation vulnerability in multiple products A vulnerability in the PDF archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.101 - 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity cisco canonical fedoraproject debian CWE-20	7.5
2020-05-13	CVE-2020-3327	Improper Input Validation vulnerability in multiple products A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. network low complexity cisco debian fedoraproject canonical CWE-20	7.5
2020-05-12	CVE-2020-8156	Improper Certificate Validation vulnerability in multiple products A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack. network high complexity nextcloud fedoraproject CWE-295	7.0