High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-02	CVE-2020-8835	Out-of-bounds Write vulnerability in multiple products In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. local low complexity linux fedoraproject canonical netapp CWE-787	7.8
2020-04-02	CVE-2020-11100	Out-of-bounds Write vulnerability in multiple products In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution. network low complexity haproxy debian redhat fedoraproject canonical opensuse CWE-787	8.8
2020-04-01	CVE-2020-6096	An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. network high complexity gnu fedoraproject debian	8.1
2020-03-24	CVE-2020-10684	Missing Authorization vulnerability in multiple products A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. local low complexity redhat debian fedoraproject CWE-862	7.1
2020-03-23	CVE-2020-6449	Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse CWE-416	8.8
2020-03-23	CVE-2020-6429	Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse CWE-787	8.8
2020-03-23	CVE-2020-6428	Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google suse opensuse fedoraproject debian CWE-787	8.8
2020-03-23	CVE-2020-6427	Out-of-bounds Write vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse CWE-787	8.8
2020-03-23	CVE-2020-6424	Use After Free vulnerability in multiple products Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google debian fedoraproject suse opensuse CWE-416	8.8
2020-03-23	CVE-2020-6422	Out-of-bounds Write vulnerability in multiple products Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse CWE-787	8.8