High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-09	CVE-2020-12422	Out-of-bounds Write vulnerability in multiple products In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. network low complexity mozilla opensuse CWE-787	8.8
2020-07-09	CVE-2020-12420	Use After Free vulnerability in multiple products When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. network low complexity mozilla canonical opensuse CWE-416	8.8
2020-07-09	CVE-2020-12419	Use After Free vulnerability in multiple products When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. network low complexity mozilla canonical opensuse CWE-416	8.8
2020-07-09	CVE-2020-12417	Incorrect Conversion between Numeric Types vulnerability in multiple products Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. network low complexity mozilla canonical opensuse CWE-681	8.8
2020-07-09	CVE-2020-12416	Use After Free vulnerability in multiple products A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. network low complexity mozilla opensuse CWE-416	8.8
2020-07-07	CVE-2020-10745	Resource Exhaustion vulnerability in multiple products A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. network low complexity samba fedoraproject opensuse debian CWE-400	7.5
2020-07-07	CVE-2020-15567	Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. local high complexity xen debian opensuse fedoraproject CWE-362	7.8
2020-07-07	CVE-2020-15565	Resource Exhaustion vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT-d. local low complexity xen debian fedoraproject opensuse CWE-400	8.8
2020-07-06	CVE-2020-14303	Excessive Iteration vulnerability in multiple products A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. network low complexity samba fedoraproject opensuse debian canonical CWE-834	7.5
2020-07-05	CVE-2020-15466	Infinite Loop vulnerability in multiple products In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop. network low complexity wireshark opensuse debian CWE-835	7.5