High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-20	CVE-2019-14855	Inadequate Encryption Strength vulnerability in multiple products A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. network low complexity gnupg fedoraproject canonical CWE-326	7.5
2020-03-19	CVE-2020-10675	Infinite Loop vulnerability in multiple products The Library API in buger jsonparser through 2019-12-04 allows attackers to cause a denial of service (infinite loop) via a Delete call. network low complexity jsonparser-project fedoraproject CWE-835	7.5
2020-03-16	CVE-2020-7919	Improper Certificate Validation vulnerability in multiple products Go before 1.12.16 and 1.13.x before 1.13.7 (and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go) allows attacks on clients (resulting in a panic) via a malformed X.509 certificate. network low complexity golang debian fedoraproject netapp CWE-295	7.5
2020-03-16	CVE-2020-6582	Incorrect Conversion between Numeric Types vulnerability in multiple products Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call. network low complexity nagios fedoraproject CWE-681	7.5
2020-03-16	CVE-2020-6581	Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). local low complexity nagios fedoraproject	7.3
2020-03-12	CVE-2020-10531	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. network low complexity icu-project redhat google fedoraproject debian canonical opensuse oracle nodejs CWE-190	8.8
2020-03-05	CVE-2020-10174	Link Following vulnerability in multiple products init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. local high complexity timeshift-project fedoraproject canonical CWE-59	7.0
2020-03-05	CVE-2020-9402	SQL Injection vulnerability in multiple products Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. network low complexity djangoproject debian fedoraproject netapp canonical CWE-89	8.8
2020-02-28	CVE-2020-5247	In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. network low complexity ruby-lang puma debian fedoraproject	7.5
2020-02-27	CVE-2020-9431	Memory Leak vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. network low complexity wireshark opensuse fedoraproject debian CWE-401	7.5