Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-29	CVE-2020-15706	Use After Free vulnerability in multiple products GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. local high complexity gnu redhat canonical debian suse microsoft opensuse CWE-416	6.4
2020-07-29	CVE-2020-15705	Improper Verification of Cryptographic Signature vulnerability in multiple products GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. local high complexity gnu redhat canonical debian suse opensuse microsoft CWE-347	6.4
2020-07-14	CVE-2020-15719	Improper Certificate Validation vulnerability in multiple products libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. network high complexity openldap redhat opensuse mcafee oracle CWE-295	4.2
2020-07-13	CVE-2019-19338	Information Exposure Through Discrepancy vulnerability in multiple products A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. local low complexity linux redhat CWE-203	5.5
2020-07-09	CVE-2020-10756	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read vulnerability was found in the SLiRP networking implementation of the QEMU emulator. local low complexity libslirp-project redhat canonical debian opensuse CWE-125	6.5
2020-06-26	CVE-2020-10769	Out-of-bounds Read vulnerability in multiple products A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. local low complexity redhat opensuse CWE-125	5.5
2020-06-09	CVE-2020-10761	Reachable Assertion vulnerability in multiple products An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. network low complexity qemu redhat opensuse canonical CWE-617	5.0
2020-06-03	CVE-2020-10749	A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. network high complexity linuxfoundation redhat fedoraproject	6.0
2020-05-22	CVE-2020-10711	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. network high complexity linux redhat debian opensuse canonical CWE-476	5.9
2020-05-12	CVE-2020-12826	Integer Overflow or Wraparound vulnerability in multiple products A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. local low complexity linux redhat canonical CWE-190	5.3