Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-19	CVE-2020-25700	SQL Injection vulnerability in multiple products In moodle, some database module web services allowed students to add entries within groups they did not belong to. network low complexity moodle fedoraproject CWE-89	6.5
2020-11-12	CVE-2020-8698	Exposure of Resource to Wrong Sphere vulnerability in multiple products Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity intel netapp fedoraproject debian siemens CWE-668	5.5
2020-11-12	CVE-2020-8696	Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity intel netapp fedoraproject debian CWE-212	5.5
2020-11-12	CVE-2020-8695	Information Exposure Through Discrepancy vulnerability in multiple products Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. local low complexity intel fedoraproject debian CWE-203	5.5
2020-11-12	CVE-2020-25658	It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. network high complexity python-rsa-project redhat fedoraproject	5.9
2020-11-10	CVE-2020-28368	Missing Authorization vulnerability in multiple products Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. local low complexity xen fedoraproject debian CWE-862	4.4
2020-11-06	CVE-2020-28242	Uncontrolled Recursion vulnerability in multiple products An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. network low complexity asterisk sangoma fedoraproject debian CWE-674	6.5
2020-11-06	CVE-2020-28241	Out-of-bounds Read vulnerability in multiple products libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c. network low complexity maxmind debian fedoraproject CWE-125	6.5
2020-11-04	CVE-2020-28049	Race Condition vulnerability in multiple products An issue was discovered in SDDM before 0.19.0. local high complexity sddm-project opensuse debian fedoraproject CWE-362	6.3
2020-11-03	CVE-2020-6557	Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. network low complexity google debian fedoraproject opensuse	6.5