High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-20	CVE-2020-25648	Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. network low complexity mozilla redhat fedoraproject oracle CWE-770	7.5
2020-10-06	CVE-2020-25644	Memory Leak vulnerability in multiple products A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. network low complexity redhat netapp CWE-401	7.5
2020-10-06	CVE-2020-25643	Improper Input Validation vulnerability in multiple products A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. network low complexity linux redhat opensuse debian netapp starwindsoftware CWE-20	7.2
2020-10-05	CVE-2020-25636	Files or Directories Accessible to External Parties vulnerability in Redhat Ansible 2.10.1 A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. local low complexity redhat CWE-552	7.1
2020-09-23	CVE-2020-10714	Session Fixation vulnerability in multiple products A flaw was found in WildFly Elytron version 1.11.3.Final and before. network high complexity redhat netapp CWE-384	7.5
2020-09-16	CVE-2020-14382	Out-of-bounds Write vulnerability in multiple products A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. local low complexity cryptsetup-project redhat canonical fedoraproject CWE-787	7.8
2020-09-15	CVE-2020-14362	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in X.Org Server before xorg-x11-server 1.20.9. local low complexity x-org redhat canonical CWE-191	7.8
2020-09-15	CVE-2020-14361	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in X.Org Server before xorg-x11-server 1.20.9. local low complexity x-org redhat canonical CWE-191	7.8
2020-09-15	CVE-2020-14346	Integer Underflow (Wrap or Wraparound) vulnerability in multiple products A flaw was found in xorg-x11-server before 1.20.9. local low complexity x-org redhat canonical CWE-191	7.8
2020-09-11	CVE-2020-1045	<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p> <p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p> network low complexity microsoft fedoraproject redhat	7.5