Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-15	CVE-2020-14629	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). local low complexity oracle opensuse	6.0
2020-07-14	CVE-2020-15719	Improper Certificate Validation vulnerability in multiple products libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. network high complexity openldap redhat opensuse mcafee oracle CWE-295	4.2
2020-07-09	CVE-2020-10756	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. local low complexity libslirp-project redhat canonical debian opensuse CWE-125	6.5
2020-07-09	CVE-2020-12418	Out-of-bounds Read vulnerability in multiple products Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. network low complexity mozilla canonical opensuse CWE-125	6.5
2020-07-09	CVE-2020-12415	Incorrect Default Permissions vulnerability in multiple products When "%2F" was present in a manifest URL, Firefox's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. network low complexity mozilla opensuse CWE-276	6.5
2020-07-09	CVE-2020-12402	Information Exposure Through Discrepancy vulnerability in multiple products During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. local high complexity mozilla opensuse fedoraproject debian CWE-203	4.4
2020-07-09	CVE-2020-12424	Incorrect Default Permissions vulnerability in multiple products When constructing a permission prompt for WebRTC, a URI was supplied from the content process. network low complexity mozilla opensuse CWE-276	6.5
2020-07-07	CVE-2020-15095	Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files. local high complexity npmjs opensuse fedoraproject	4.4
2020-07-07	CVE-2020-10730	Use After Free vulnerability in multiple products A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. network low complexity samba redhat opensuse fedoraproject debian CWE-416	6.5
2020-07-07	CVE-2020-15563	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. local low complexity xen debian fedoraproject opensuse CWE-119	6.5