High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-03	CVE-2020-16004	Use After Free vulnerability in multiple products Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject debian CWE-416	8.8
2020-10-22	CVE-2020-27672	Use After Free vulnerability in multiple products An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages. local high complexity xen fedoraproject opensuse debian CWE-416	7.0
2020-10-22	CVE-2020-27671	An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled. local high complexity xen opensuse debian fedoraproject	7.8
2020-10-22	CVE-2020-27670	Insufficient Verification of Data Authenticity vulnerability in multiple products An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated. local high complexity xen opensuse fedoraproject debian CWE-345	7.8
2020-10-16	CVE-2020-25829	An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. network low complexity powerdns opensuse	7.5
2020-10-15	CVE-2020-27153	Double Free vulnerability in multiple products In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. network low complexity bluez debian opensuse CWE-415	8.6
2020-10-13	CVE-2020-25645	A flaw was found in the Linux kernel in versions before 5.9-rc7. network low complexity linux debian netapp opensuse canonical	7.5
2020-10-06	CVE-2020-25866	NULL Pointer Dereference vulnerability in multiple products In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. network low complexity wireshark fedoraproject opensuse oracle CWE-476	7.5
2020-10-06	CVE-2020-25863	In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. network low complexity wireshark fedoraproject opensuse debian oracle	7.5
2020-10-06	CVE-2020-25862	Improper Validation of Integrity Check Value vulnerability in multiple products In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. network low complexity wireshark fedoraproject opensuse debian oracle CWE-354	7.5