High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-16	CVE-2020-14393	Out-of-bounds Write vulnerability in multiple products A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. local low complexity perl opensuse debian fedoraproject CWE-787	7.1
2020-09-16	CVE-2020-14386	Out-of-bounds Write vulnerability in multiple products A flaw was found in the Linux kernel before 5.9-rc4. local low complexity linux debian fedoraproject opensuse CWE-787	7.8
2020-09-10	CVE-2020-6097	Reachable Assertion vulnerability in multiple products An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. network low complexity atftp-project debian opensuse CWE-617	7.5
2020-09-09	CVE-2020-25219	Uncontrolled Recursion vulnerability in multiple products url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. network low complexity libproxy-project debian fedoraproject opensuse canonical CWE-674	7.5
2020-09-09	CVE-2020-25212	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452. local high complexity linux debian opensuse canonical CWE-367	7.0
2020-09-09	CVE-2020-14342	OS Command Injection vulnerability in multiple products It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. local high complexity samba fedoraproject opensuse CWE-78	7.0
2020-09-04	CVE-2019-20916	Path Traversal vulnerability in multiple products The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. network low complexity pypa opensuse debian oracle CWE-22	7.5
2020-09-04	CVE-2020-24659	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in GnuTLS before 3.6.15. network low complexity gnu fedoraproject opensuse canonical CWE-476	7.5
2020-08-31	CVE-2020-25032	Path Traversal vulnerability in multiple products An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. network low complexity flask-cors-project debian opensuse CWE-22	7.5
2020-08-30	CVE-2020-14352	Path Traversal vulnerability in multiple products A flaw was found in librepo in versions before 1.12.1. network low complexity redhat opensuse fedoraproject CWE-22	8.0