High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-22	CVE-2020-27671	An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled. local high complexity xen opensuse debian fedoraproject	7.8
2020-10-22	CVE-2020-27670	Insufficient Verification of Data Authenticity vulnerability in multiple products An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated. local high complexity xen opensuse fedoraproject debian CWE-345	7.8
2020-10-22	CVE-2020-15683	Use After Free vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. network low complexity mozilla debian opensuse CWE-416	7.5
2020-10-15	CVE-2020-27153	Double Free vulnerability in multiple products In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. network low complexity bluez debian opensuse CWE-415	7.5
2020-10-07	CVE-2020-11800	Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code. network low complexity zabbix opensuse debian	7.5
2020-10-06	CVE-2020-25866	NULL Pointer Dereference vulnerability in multiple products In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. network low complexity wireshark fedoraproject opensuse oracle CWE-476	7.5
2020-10-06	CVE-2020-25863	In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. network low complexity wireshark fedoraproject opensuse debian oracle	7.5
2020-10-06	CVE-2020-25862	Improper Validation of Integrity Check Value vulnerability in multiple products In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. network low complexity wireshark fedoraproject opensuse debian oracle CWE-354	7.5
2020-10-06	CVE-2020-25643	Improper Input Validation vulnerability in multiple products A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. network low complexity linux redhat opensuse debian netapp starwindsoftware CWE-20	7.2
2020-10-01	CVE-2020-15678	Use After Free vulnerability in multiple products When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. network low complexity mozilla opensuse debian CWE-416	8.8