High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-04	CVE-2019-12528	An issue was discovered in Squid before 4.10. network low complexity squid-cache fedoraproject debian opensuse canonical	7.5
2020-02-04	CVE-2020-8450	Incorrect Calculation of Buffer Size vulnerability in multiple products An issue was discovered in Squid before 4.10. network low complexity squid-cache canonical opensuse fedoraproject debian CWE-131	7.3
2020-02-04	CVE-2020-8449	Exposure of Resource to Wrong Sphere vulnerability in multiple products An issue was discovered in Squid before 4.10. network low complexity squid-cache debian canonical opensuse fedoraproject CWE-668	7.5
2020-01-31	CVE-2011-4088	Information Exposure vulnerability in multiple products ABRT might allow attackers to obtain sensitive information from crash reports. network low complexity abrt-project fedoraproject redhat CWE-200	7.5
2020-01-28	CVE-2014-2581	Insufficiently Protected Credentials vulnerability in multiple products Smb4K before 1.1.1 allows remote attackers to obtain credentials via vectors related to the cuid option in the "Additional options" line edit. network low complexity smb4k-project fedoraproject CWE-522	7.5
2020-01-28	CVE-2013-1895	Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products The py-bcrypt module before 0.3 for Python does not properly handle concurrent memory access, which allows attackers to bypass authentication via multiple authentication requests, which trigger the password hash to be overwritten. network low complexity python fedoraproject CWE-307	7.5
2020-01-27	CVE-2020-7238	HTTP Request Smuggling vulnerability in multiple products Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. network low complexity netty fedoraproject debian redhat CWE-444	7.5
2020-01-24	CVE-2015-9541	XML Entity Expansion vulnerability in multiple products Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564. network low complexity qt fedoraproject CWE-776	7.5
2020-01-21	CVE-2020-7595	Infinite Loop vulnerability in multiple products xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. network low complexity xmlsoft fedoraproject canonical debian siemens netapp oracle CWE-835	7.5
2020-01-21	CVE-2019-20388	Memory Leak vulnerability in multiple products xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. network low complexity xmlsoft debian netapp oracle opensuse fedoraproject CWE-401	7.5