Leap

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-27	CVE-2020-9429	NULL Pointer Dereference vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. network low complexity wireshark opensuse CWE-476	7.5
2020-02-27	CVE-2020-9428	Out-of-bounds Read vulnerability in multiple products In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. network low complexity wireshark debian fedoraproject opensuse CWE-125	7.5
2020-02-27	CVE-2020-7063	Improper Preservation of Permissions vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. network low complexity php tenable debian opensuse CWE-281	5.3
2020-02-27	CVE-2020-7062	NULL Pointer Dereference vulnerability in multiple products In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set to 0 (disabled), and the file upload fails, the upload procedure would try to clean up data that does not exist and encounter null pointer dereference, which would likely lead to a crash. network low complexity php opensuse debian canonical CWE-476	7.5
2020-02-27	CVE-2020-3868	Out-of-bounds Write vulnerability in multiple products Multiple memory corruption issues were addressed with improved memory handling. network low complexity apple opensuse CWE-787	8.8
2020-02-27	CVE-2020-3867	Cross-site Scripting vulnerability in multiple products A logic issue was addressed with improved state management. network low complexity apple opensuse webkitgtk CWE-79	6.1
2020-02-27	CVE-2020-3865	Out-of-bounds Write vulnerability in multiple products Multiple memory corruption issues were addressed with improved memory handling. network low complexity apple opensuse CWE-787	8.8
2020-02-27	CVE-2020-3862	A denial of service issue was addressed with improved memory handling. network low complexity apple opensuse	6.5
2020-02-27	CVE-2020-7043	Improper Certificate Validation vulnerability in multiple products An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. network low complexity openfortivpn-project fedoraproject opensuse CWE-295 critical	9.1
2020-02-27	CVE-2020-7042	Use of Uninitialized Resource vulnerability in multiple products An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL 1.0.2 or later. network low complexity openfortivpn-project fedoraproject opensuse CWE-908	5.3