High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-06	CVE-2020-25643	A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. network low complexity linux redhat opensuse debian netapp starwindsoftware	7.2
2020-10-01	CVE-2020-15678	Use After Free vulnerability in multiple products When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. network low complexity mozilla opensuse debian CWE-416	8.8
2020-10-01	CVE-2020-15673	Use After Free vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. network low complexity mozilla debian opensuse CWE-416	8.8
2020-09-30	CVE-2020-14374	A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. local low complexity dpdk opensuse canonical	8.8
2020-09-30	CVE-2020-14377	A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. local low complexity dpdk canonical opensuse	7.1
2020-09-30	CVE-2020-14376	Classic Buffer Overflow vulnerability in multiple products A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. local high complexity dpdk opensuse canonical CWE-120	7.8
2020-09-30	CVE-2020-14375	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. local high complexity dpdk opensuse canonical CWE-367	7.8
2020-09-27	CVE-2020-26117	Improper Certificate Validation vulnerability in multiple products In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. network low complexity tigervnc debian opensuse CWE-295	8.1
2020-09-27	CVE-2020-26116	Injection vulnerability in multiple products http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. network low complexity python fedoraproject canonical netapp debian oracle opensuse CWE-74	7.2
2020-09-25	CVE-2020-15206	In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's `SavedModel` protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. network low complexity google opensuse	7.5