High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-12	CVE-2020-10531	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. network low complexity icu-project redhat google fedoraproject debian canonical opensuse oracle nodejs CWE-190	8.8
2020-03-05	CVE-2020-10174	Link Following vulnerability in multiple products init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. local high complexity timeshift-project fedoraproject canonical CWE-59	7.0
2020-03-05	CVE-2020-9402	SQL Injection vulnerability in multiple products Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. network low complexity djangoproject debian fedoraproject netapp canonical CWE-89	8.8
2020-02-28	CVE-2020-5247	HTTP Response Splitting vulnerability in multiple products In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. network low complexity ruby-lang puma debian fedoraproject CWE-113	7.5
2020-02-27	CVE-2020-9431	Memory Leak vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. network low complexity wireshark opensuse fedoraproject debian CWE-401	7.5
2020-02-27	CVE-2020-9430	Improper Input Validation vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. network low complexity wireshark fedoraproject opensuse debian CWE-20	7.5
2020-02-27	CVE-2020-9428	Out-of-bounds Read vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. network low complexity wireshark debian fedoraproject opensuse CWE-125	7.5
2020-02-27	CVE-2020-6418	Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject redhat debian CWE-843	8.8
2020-02-27	CVE-2020-6386	Use After Free vulnerability in multiple products Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject redhat debian CWE-416	8.8
2020-02-27	CVE-2020-6384	Use After Free vulnerability in multiple products Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject redhat debian CWE-416	8.8