High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-14	CVE-2020-14060	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill). network high complexity fasterxml netapp oracle CWE-502	8.1
2020-06-14	CVE-2020-14062	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2). network high complexity fasterxml netapp debian oracle CWE-502	8.1
2020-06-14	CVE-2020-14061	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms). network high complexity fasterxml netapp debian oracle CWE-502	8.1
2020-06-08	CVE-2020-8172	Improper Certificate Validation vulnerability in multiple products TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0. network high complexity nodejs oracle CWE-295	7.4
2020-06-06	CVE-2020-13871	Use After Free vulnerability in multiple products SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late. network low complexity sqlite fedoraproject debian oracle siemens netapp CWE-416	7.5
2020-06-05	CVE-2020-12723	Classic Buffer Overflow vulnerability in multiple products regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. network low complexity perl netapp fedoraproject opensuse oracle CWE-120	7.5
2020-06-05	CVE-2020-10878	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. network low complexity perl fedoraproject opensuse netapp oracle CWE-190	8.6
2020-06-05	CVE-2020-10543	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. network low complexity perl fedoraproject opensuse oracle CWE-190	8.2
2020-06-03	CVE-2020-11080	In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. network low complexity nghttp2 debian opensuse fedoraproject oracle nodejs	7.5
2020-06-03	CVE-2020-3235	Improper Input Validation vulnerability in multiple products A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software on Catalyst 4500 Series Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. network low complexity cisco oracle CWE-20	7.7