Vulnerabilities > Opensuse > Leap

DATE CVE VULNERABILITY TITLE RISK
2020-08-06 CVE-2020-16845 Infinite Loop vulnerability in multiple products
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
network
low complexity
golang opensuse debian fedoraproject CWE-835
7.5
2020-08-05 CVE-2020-17353 scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code.
network
low complexity
lilypond fedoraproject debian opensuse
critical
9.8
2020-08-05 CVE-2020-14344 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow leading to a heap-buffer overflow was found in the X Input Method (XIM) client implementation in libX11 before version 1.6.10.
6.7
2020-08-03 CVE-2020-16116 Path Traversal vulnerability in multiple products
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.
3.3
2020-07-31 CVE-2020-14311 Heap-based Buffer Overflow vulnerability in multiple products
There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems.
local
low complexity
gnu redhat opensuse canonical CWE-122
6.0
2020-07-31 CVE-2020-14310 Integer Overflow or Wraparound vulnerability in multiple products
There is an issue in grub2 before version 2.06 in the function read_section_as_string().
local
low complexity
gnu redhat opensuse canonical CWE-190
6.0
2020-07-30 CVE-2020-16166 Use of Insufficiently Random Values vulnerability in multiple products
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c.
3.7
2020-07-30 CVE-2020-14309 Integer Overflow or Wraparound vulnerability in multiple products
There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size.
local
low complexity
gnu opensuse CWE-190
4.6
2020-07-30 CVE-2020-10713 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in grub2, prior to version 2.06.
local
low complexity
gnu debian opensuse vmware CWE-120
8.2
2020-07-29 CVE-2020-14308 Integer Overflow or Wraparound vulnerability in multiple products
In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size.
4.4