High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-12	CVE-2020-8153	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when when renaming an accessible item to the same name. network low complexity nextcloud fedoraproject CWE-732	8.1
2020-05-12	CVE-2020-8151	Incorrect Authorization vulnerability in multiple products There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information. network low complexity rubyonrails fedoraproject CWE-863	7.5
2020-05-11	CVE-2020-11866	Use After Free vulnerability in multiple products libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free. local low complexity libemf-project opensuse fedoraproject CWE-416	7.8
2020-05-11	CVE-2020-11865	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access. local low complexity libemf-project opensuse fedoraproject CWE-119	7.8
2020-05-11	CVE-2020-12783	Out-of-bounds Read vulnerability in multiple products Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. network low complexity exim fedoraproject debian canonical CWE-125	7.5
2020-05-09	CVE-2020-12762	Integer Overflow or Wraparound vulnerability in multiple products json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. local low complexity json-c fedoraproject debian canonical siemens CWE-190	7.8
2020-05-06	CVE-2020-10704	Uncontrolled Recursion vulnerability in multiple products A flaw was found when using samba as an Active Directory Domain Controller. network low complexity samba fedoraproject opensuse debian CWE-674	7.5
2020-05-05	CVE-2020-11033	Information Exposure vulnerability in multiple products In GLPI from version 9.1 and before version 9.4.6, any API user with READ right on User itemtype will have access to full list of users when querying apirest.php/User. network low complexity glpi-project fedoraproject CWE-200	7.2
2020-04-30	CVE-2020-12050	Race Condition vulnerability in multiple products SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library. local high complexity fedoraproject opensuse sqliteodbc-project CWE-362	7.0
2020-04-29	CVE-2020-11884	Race Condition vulnerability in multiple products In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. local high complexity linux canonical debian fedoraproject netapp CWE-362	7.0