High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-07	CVE-2013-7488	Infinite Loop vulnerability in multiple products perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input. network low complexity convert fedoraproject CWE-835	7.5
2020-04-03	CVE-2020-11501	Use of Insufficiently Random Values vulnerability in multiple products GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. network high complexity gnu debian opensuse canonical fedoraproject CWE-330	7.4
2020-04-02	CVE-2020-8835	Out-of-bounds Write vulnerability in multiple products In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. local low complexity linux fedoraproject canonical netapp CWE-787	7.8
2020-04-02	CVE-2020-11100	Out-of-bounds Write vulnerability in multiple products In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution. network low complexity haproxy debian redhat fedoraproject canonical opensuse CWE-787	8.8
2020-04-01	CVE-2020-6096	Signed to Unsigned Conversion Error vulnerability in multiple products An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. network high complexity gnu fedoraproject debian CWE-195	8.1
2020-03-24	CVE-2020-10684	Missing Authorization vulnerability in multiple products A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. local low complexity redhat debian fedoraproject CWE-862	7.1
2020-03-23	CVE-2020-6449	Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse CWE-416	8.8
2020-03-23	CVE-2020-6429	Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse CWE-787	8.8
2020-03-23	CVE-2020-6428	Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google suse opensuse fedoraproject debian CWE-787	8.8
2020-03-23	CVE-2020-6427	Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse CWE-787	8.8