Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-11	CVE-2020-26419	Memory Leak vulnerability in multiple products Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file. network low complexity wireshark fedoraproject oracle CWE-401	5.3
2020-12-11	CVE-2020-26418	Memory Leak vulnerability in multiple products Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. network low complexity wireshark fedoraproject debian oracle CWE-401	5.3
2020-12-03	CVE-2020-27783	Cross-site Scripting vulnerability in multiple products A XSS vulnerability was discovered in python-lxml's clean module. network low complexity lxml redhat debian fedoraproject netapp oracle CWE-79	6.1
2020-09-30	CVE-2020-26137	Injection vulnerability in multiple products urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). network low complexity python canonical debian oracle CWE-74	6.5
2020-08-17	CVE-2020-1472	Use of Insufficiently Random Values vulnerability in multiple products An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). local low complexity microsoft fedoraproject opensuse canonical synology samba debian oracle CWE-330	5.5
2020-08-13	CVE-2020-17498	Double Free vulnerability in multiple products In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. network low complexity wireshark fedoraproject opensuse oracle CWE-415	6.5
2020-06-25	CVE-2019-20892	Double Free vulnerability in multiple products net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. network low complexity net-snmp oracle CWE-415	6.5
2020-06-24	CVE-2020-15025	Memory Leak vulnerability in multiple products ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file. network low complexity ntp opensuse netapp oracle CWE-401	4.9
2020-06-03	CVE-2020-13596	Cross-site Scripting vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. network low complexity djangoproject fedoraproject canonical netapp debian oracle CWE-79	6.1
2020-06-03	CVE-2020-13254	Improper Certificate Validation vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. network high complexity djangoproject canonical fedoraproject netapp debian oracle CWE-295	5.9