Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-29	CVE-2020-14145	Information Exposure Through Discrepancy vulnerability in multiple products The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. network high complexity openbsd netapp CWE-203	5.9
2020-06-15	CVE-2020-4051	In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than 1.14.7, and greater than or equal to 1.15.0 and less than 1.15.4, and greater than or equal to 1.16.0 and less than 1.16.3, there is a cross-site scripting vulnerability in the Editor's LinkDialog plugin. network low complexity openjsf debian netapp	5.4
2020-06-15	CVE-2020-14155	Integer Overflow or Wraparound vulnerability in multiple products libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. network low complexity pcre apple gitlab oracle netapp splunk CWE-190	5.3
2020-06-12	CVE-2020-10732	A flaw was found in the Linux kernel's implementation of Userspace core dumps. local low complexity linux opensuse canonical netapp	4.4
2020-06-03	CVE-2020-13776	Improper Privilege Management vulnerability in multiple products systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. local high complexity systemd-project netapp fedoraproject CWE-269	6.7
2020-05-26	CVE-2020-10719	HTTP Request Smuggling vulnerability in multiple products A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. network low complexity redhat netapp CWE-444	6.5
2020-05-19	CVE-2020-7656	Cross-site Scripting vulnerability in multiple products jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. network low complexity jquery oracle netapp juniper CWE-79	6.1
2020-05-18	CVE-2020-13143	Out-of-bounds Read vulnerability in multiple products gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. network low complexity linux opensuse debian canonical netapp CWE-125	6.5
2020-05-15	CVE-2020-12888	Improper Handling of Exceptional Conditions vulnerability in multiple products The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. local high complexity linux fedoraproject opensuse debian canonical netapp CWE-755	5.3
2020-05-09	CVE-2020-12771	Improper Locking vulnerability in multiple products An issue was discovered in the Linux kernel through 5.6.11. local low complexity linux debian opensuse canonical netapp oracle CWE-667	5.5