High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-23	CVE-2020-10593	Memory Leak vulnerability in multiple products Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (memory leak), aka TROVE-2020-004. network low complexity torproject opensuse CWE-401	7.5
2020-03-22	CVE-2020-10802	SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. network low complexity phpmyadmin debian fedoraproject opensuse suse CWE-89	8.0
2020-03-22	CVE-2020-10804	SQL Injection vulnerability in multiple products In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). network low complexity phpmyadmin fedoraproject opensuse suse CWE-89	8.0
2020-02-28	CVE-2019-3698	UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. local high complexity nagios opensuse	7.0
2020-02-20	CVE-2020-9273	Use After Free vulnerability in multiple products In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. network low complexity proftpd debian fedoraproject opensuse siemens CWE-416	8.8
2020-02-20	CVE-2020-9272	Out-of-bounds Read vulnerability in multiple products ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_text function. network low complexity proftpd siemens opensuse CWE-125	7.5
2020-02-11	CVE-2020-6416	Improper Input Validation vulnerability in multiple products Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse redhat CWE-20	8.8
2020-02-11	CVE-2020-6415	Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse redhat CWE-787	8.8
2020-02-11	CVE-2020-6414	Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google opensuse	8.8
2020-02-11	CVE-2020-6413	Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page. network low complexity google opensuse	8.8