Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-07	CVE-2020-11800	Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code. network low complexity zabbix opensuse debian	7.5
2020-10-07	CVE-2020-14355	Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. network low complexity spice-project redhat canonical debian opensuse CWE-120	6.6
2020-10-06	CVE-2020-25866	NULL Pointer Dereference vulnerability in multiple products In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. network low complexity wireshark fedoraproject opensuse oracle CWE-476	7.5
2020-10-06	CVE-2020-25863	In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. network low complexity wireshark fedoraproject opensuse debian oracle	7.5
2020-10-06	CVE-2020-25862	Improper Validation of Integrity Check Value vulnerability in multiple products In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. network low complexity wireshark fedoraproject opensuse debian oracle CWE-354	7.5
2020-10-06	CVE-2020-25637	Double Free vulnerability in multiple products A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. local low complexity redhat opensuse CWE-415	6.7
2020-10-06	CVE-2020-25643	Improper Input Validation vulnerability in multiple products A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. network low complexity linux redhat opensuse debian netapp starwindsoftware CWE-20	7.2
2020-10-06	CVE-2020-25641	Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. local low complexity linux redhat opensuse debian canonical CWE-835	5.5
2020-10-05	CVE-2020-8228	Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times. network low complexity nextcloud opensuse CWE-307	5.0
2020-10-02	CVE-2020-7070	Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. network low complexity php fedoraproject debian opensuse canonical netapp tenable CWE-565	5.3