High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-21	CVE-2020-8620	Reachable Assertion vulnerability in multiple products In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit. network low complexity isc opensuse netapp canonical CWE-617	7.5
2020-08-19	CVE-2020-14356	NULL Pointer Dereference vulnerability in multiple products A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. local low complexity linux redhat opensuse debian canonical netapp CWE-476	7.8
2020-08-19	CVE-2020-24394	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. local low complexity linux canonical opensuse oracle starwindsoftware CWE-732	7.1
2020-08-17	CVE-2020-8233	OS Command Injection vulnerability in multiple products A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an authenticated read-only user to execute arbitrary shell commands over the HTTP interface, allowing them to escalate privileges. network low complexity ui opensuse CWE-78	8.8
2020-08-11	CVE-2020-17367	Argument Injection or Modification vulnerability in multiple products Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection. local low complexity firejail-project debian fedoraproject opensuse CWE-88	7.8
2020-08-10	CVE-2020-15659	Out-of-bounds Write vulnerability in multiple products Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. network low complexity mozilla opensuse canonical CWE-787	8.8
2020-08-10	CVE-2020-15656	Type Confusion vulnerability in multiple products JIT optimizations involving the Javascript arguments object could confuse later optimizations. network low complexity mozilla opensuse canonical CWE-843	8.8
2020-08-07	CVE-2020-9490	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43. network low complexity apache oracle opensuse debian fedoraproject canonical redhat CWE-444	7.5
2020-08-07	CVE-2020-11993	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. network low complexity apache netapp canonical opensuse debian fedoraproject oracle CWE-444	7.5
2020-08-07	CVE-2020-8026	Unspecified vulnerability in Opensuse Backports Sle, Leap and Tumbleweed A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. local low complexity opensuse	7.8