Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-22	CVE-2020-8907	Incorrect Default Permissions vulnerability in multiple products A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. local low complexity google opensuse CWE-276	7.8
2020-06-22	CVE-2020-8903	Incorrect Default Permissions vulnerability in multiple products A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. local low complexity google opensuse CWE-276	7.8
2020-06-21	CVE-2020-14954	Injection vulnerability in multiple products Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. network high complexity mutt debian neomutt fedoraproject canonical opensuse CWE-74	5.9
2020-06-19	CVE-2020-8165	Deserialization of Untrusted Data vulnerability in multiple products A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE. network low complexity rubyonrails debian opensuse CWE-502 critical	9.8
2020-06-19	CVE-2020-8164	Deserialization of Untrusted Data vulnerability in multiple products A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. network low complexity rubyonrails debian opensuse CWE-502	7.5
2020-06-18	CVE-2017-9104	Resource Exhaustion vulnerability in multiple products An issue was discovered in adns before 1.5.2. network low complexity gnu opensuse fedoraproject CWE-400 critical	9.8
2020-06-18	CVE-2017-9103	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in adns before 1.5.2. network low complexity gnu opensuse fedoraproject CWE-119 critical	9.8
2020-06-18	CVE-2020-14422	Use of Insufficiently Random Values vulnerability in multiple products Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. network high complexity opensuse python fedoraproject oracle CWE-330	5.9
2020-06-18	CVE-2017-9109	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in adns before 1.5.2. network low complexity gnu opensuse fedoraproject CWE-119 critical	9.8
2020-06-18	CVE-2017-9108	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in adns before 1.5.2. network low complexity gnu opensuse fedoraproject CWE-119	7.5