High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-23	CVE-2020-6424	Use After Free vulnerability in multiple products Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse CWE-416	8.8
2020-03-23	CVE-2020-6422	Out-of-bounds Write vulnerability in multiple products Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse CWE-787	8.8
2020-03-23	CVE-2020-6420	Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML page. network low complexity google debian fedoraproject	8.8
2020-03-22	CVE-2020-10802	SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. network low complexity phpmyadmin debian fedoraproject opensuse suse CWE-89	8.0
2020-03-22	CVE-2020-10804	SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). network low complexity phpmyadmin fedoraproject opensuse suse CWE-89	8.0
2020-03-20	CVE-2019-14855	Inadequate Encryption Strength vulnerability in multiple products A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. network low complexity gnupg fedoraproject canonical CWE-326	7.5
2020-03-19	CVE-2020-10675	Infinite Loop vulnerability in multiple products The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call. network low complexity jsonparser-project fedoraproject CWE-835	7.5
2020-03-16	CVE-2020-7919	Improper Certificate Validation vulnerability in multiple products Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate. network low complexity golang debian fedoraproject netapp CWE-295	7.5
2020-03-16	CVE-2020-6582	Incorrect Conversion between Numeric Types vulnerability in multiple products Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call. network low complexity nagios fedoraproject CWE-681	7.5
2020-03-16	CVE-2020-6581	Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). local low complexity nagios fedoraproject	7.3