Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-06	CVE-2020-12108	Injection vulnerability in multiple products /options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection. network low complexity gnu debian fedoraproject opensuse canonical CWE-74	6.5
2020-05-04	CVE-2020-12625	Cross-site Scripting vulnerability in multiple products An issue was discovered in Roundcube Webmail before 1.4.4. network roundcube debian opensuse CWE-79	4.3
2020-04-24	CVE-2020-12137	Cross-site Scripting vulnerability in multiple products GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. network low complexity gnu debian fedoraproject canonical opensuse CWE-79	6.1
2020-04-13	CVE-2020-6444	Use of Uninitialized Resource vulnerability in multiple products Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian opensuse CWE-908	6.3
2020-04-13	CVE-2020-6438	Information Exposure Through an Error Message vulnerability in multiple products Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. network low complexity google debian fedoraproject opensuse CWE-209	4.3
2020-04-08	CVE-2019-20637	Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. network low complexity varnish-cache varnish-software opensuse CWE-212	5.0
2020-03-31	CVE-2019-14905	Exposure of Resource to Wrong Sphere vulnerability in multiple products A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. local low complexity redhat fedoraproject opensuse CWE-668	5.6
2020-03-27	CVE-2020-6095	NULL Pointer Dereference vulnerability in multiple products An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. network low complexity gstreamer-project opensuse CWE-476	5.0
2020-03-27	CVE-2020-1770	Information Exposure vulnerability in multiple products Support bundle generated files could contain sensitive information that might be unwanted to be disclosed. network low complexity otrs opensuse debian CWE-200	4.3
2020-03-27	CVE-2020-1769	In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered as security issue. network low complexity otrs opensuse	4.3