Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-09	CVE-2020-12770	An issue was discovered in the Linux kernel through 5.6.11. local low complexity linux fedoraproject canonical debian netapp	6.7
2020-05-06	CVE-2020-12108	Injection vulnerability in multiple products /options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection. network low complexity gnu debian fedoraproject opensuse canonical CWE-74	6.5
2020-05-05	CVE-2020-12666	Open Redirect vulnerability in multiple products macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL. network low complexity go-macaron fedoraproject CWE-601	6.1
2020-05-04	CVE-2020-10700	Use After Free vulnerability in multiple products A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control. network high complexity samba fedoraproject opensuse CWE-416	5.3
2020-05-04	CVE-2020-10933	Use of Uninitialized Resource vulnerability in multiple products An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. network low complexity ruby-lang fedoraproject debian CWE-908	5.3
2020-04-29	CVE-2020-11022	In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. network low complexity jquery drupal debian fedoraproject oracle netapp opensuse tenable	6.1
2020-04-29	CVE-2020-11023	Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. network low complexity jquery debian fedoraproject drupal oracle netapp tenable CWE-79	6.1
2020-04-29	CVE-2020-12459	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable. local low complexity grafana fedoraproject CWE-732	5.5
2020-04-29	CVE-2020-12458	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An information-disclosure flaw was found in Grafana through 6.7.3. local low complexity grafana redhat fedoraproject CWE-732	5.5
2020-04-27	CVE-2020-12272	Authentication Bypass by Spoofing vulnerability in multiple products OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. network low complexity trusteddomain fedoraproject CWE-290	5.3