High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-25	CVE-2020-11538	Out-of-bounds Read vulnerability in multiple products In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311. network high complexity python fedoraproject canonical CWE-125	8.1
2020-06-25	CVE-2020-10379	Classic Buffer Overflow vulnerability in multiple products In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. local low complexity python fedoraproject canonical CWE-120	7.8
2020-06-24	CVE-2020-12865	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. low complexity sane-project debian canonical opensuse CWE-787	8.0
2020-06-24	CVE-2020-12861	Out-of-bounds Write vulnerability in multiple products A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080. low complexity sane-project canonical opensuse CWE-787	8.8
2020-06-22	CVE-2020-4031	Use After Free vulnerability in multiple products In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. network low complexity freerdp fedoraproject opensuse canonical debian CWE-416	7.5
2020-06-19	CVE-2020-8184	Improper Input Validation vulnerability in multiple products A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix. network low complexity rack-project debian canonical CWE-20	7.5
2020-06-17	CVE-2020-14400	An issue was discovered in LibVNCServer before 0.9.13. network low complexity libvncserver-project debian opensuse canonical	7.5
2020-06-17	CVE-2020-14399	An issue was discovered in LibVNCServer before 0.9.13. network low complexity libvncserver-project debian opensuse canonical	7.5
2020-06-17	CVE-2019-20840	Out-of-bounds Write vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. network low complexity libvnc-project canonical debian siemens opensuse CWE-787	7.5
2020-06-17	CVE-2019-20839	Classic Buffer Overflow vulnerability in multiple products libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename. network low complexity libvnc-project canonical debian siemens opensuse CWE-120	7.5