20.04

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-22	CVE-2020-11099	In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. network low complexity freerdp opensuse fedoraproject canonical debian	6.5
2020-06-22	CVE-2020-11098	In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. network low complexity freerdp fedoraproject opensuse canonical debian	6.5
2020-06-22	CVE-2020-11097	In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. network low complexity freerdp fedoraproject opensuse canonical debian	5.4
2020-06-22	CVE-2020-11096	In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. network low complexity freerdp fedoraproject opensuse canonical debian	6.5
2020-06-22	CVE-2020-11095	In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. network low complexity freerdp fedoraproject opensuse canonical debian	5.4
2020-06-21	CVE-2020-14954	Injection vulnerability in multiple products Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. network high complexity mutt debian neomutt fedoraproject canonical opensuse CWE-74	5.9
2020-06-18	CVE-2020-3350	Race Condition vulnerability in multiple products A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. local high complexity cisco fedoraproject debian canonical CWE-362	6.3
2020-06-17	CVE-2020-8619	Improper Resource Shutdown or Release vulnerability in multiple products In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. network low complexity isc fedoraproject opensuse debian canonical netapp CWE-404	4.9
2020-06-17	CVE-2020-8618	Reachable Assertion vulnerability in multiple products An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients. network low complexity isc opensuse netapp canonical CWE-617	4.9
2020-06-17	CVE-2020-14404	Out-of-bounds Write vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. network low complexity libvnc-project canonical debian siemens CWE-787	5.4