Ubuntu Linux

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-22	CVE-2020-4032	In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. network low complexity freerdp opensuse fedoraproject canonical debian	4.3
2020-06-22	CVE-2020-4031	In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. network low complexity freerdp fedoraproject opensuse canonical debian	7.5
2020-06-22	CVE-2020-4030	In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. network low complexity freerdp fedoraproject opensuse canonical debian	6.5
2020-06-22	CVE-2020-11099	In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. network low complexity freerdp opensuse fedoraproject canonical debian	6.5
2020-06-22	CVE-2020-11098	In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. network low complexity freerdp fedoraproject opensuse canonical debian	6.5
2020-06-22	CVE-2020-11097	In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. network low complexity freerdp fedoraproject opensuse canonical debian	5.4
2020-06-22	CVE-2020-11096	In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. network low complexity freerdp fedoraproject opensuse canonical debian	6.5
2020-06-22	CVE-2020-11095	In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. network low complexity freerdp fedoraproject opensuse canonical debian	5.4
2020-06-21	CVE-2020-14954	Injection vulnerability in multiple products Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. network high complexity mutt debian neomutt fedoraproject canonical opensuse CWE-74	5.9
2020-06-19	CVE-2020-8184	Improper Input Validation vulnerability in multiple products A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix. network low complexity rack-project debian canonical CWE-20	7.5