High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-15	CVE-2020-14361	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in X.Org Server before xorg-x11-server 1.20.9. local low complexity x-org redhat canonical CWE-191	7.8
2020-09-15	CVE-2020-14346	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in xorg-x11-server before 1.20.9. local low complexity x-org redhat canonical CWE-191	7.8
2020-09-14	CVE-2020-0570	Untrusted Search Path vulnerability in multiple products Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access. local low complexity qt redhat CWE-426	7.3
2020-09-09	CVE-2020-1749	A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. network low complexity linux redhat	7.5
2020-08-19	CVE-2020-14356	NULL Pointer Dereference vulnerability in multiple products A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. local low complexity linux redhat opensuse debian canonical netapp CWE-476	7.8
2020-08-07	CVE-2020-9490	HTTP Request Smuggling vulnerability in multiple products Apache HTTP Server versions 2.4.20 to 2.4.43. network low complexity apache oracle opensuse debian fedoraproject canonical redhat CWE-444	7.5
2020-06-09	CVE-2020-10757	Type Confusion vulnerability in multiple products A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. local low complexity linux opensuse redhat fedoraproject debian canonical netapp CWE-843	7.8
2020-04-17	CVE-2020-1751	Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. local high complexity gnu redhat canonical CWE-787	7.0
2020-04-17	CVE-2020-11868	Origin Validation Error vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp. network low complexity ntp redhat netapp debian opensuse CWE-346	7.5
2020-03-31	CVE-2020-10696	Path Traversal vulnerability in multiple products A path traversal flaw was found in Buildah in versions before 1.14.5. network low complexity buildah-project redhat CWE-22	8.8