Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-07	CVE-2020-26976	When a HTTPS pages was embedded in a HTTP page, and there was a service worker registered for the former, the service worker could have intercepted the request for the secure page despite the iframe not being a secure context due to the (insecure) framing. network mozilla debian	4.3
2021-01-06	CVE-2020-8287	HTTP Request Smuggling vulnerability in multiple products Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). network low complexity nodejs debian fedoraproject oracle siemens CWE-444	6.5
2021-01-05	CVE-2020-27845	Out-of-bounds Read vulnerability in multiple products There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. local low complexity uclouvain fedoraproject debian oracle CWE-125	5.5
2021-01-05	CVE-2020-27843	Out-of-bounds Read vulnerability in multiple products A flaw was found in OpenJPEG in versions prior to 2.4.0. local low complexity uclouvain fedoraproject oracle debian CWE-125	5.5
2021-01-05	CVE-2020-27842	Out-of-bounds Read vulnerability in multiple products There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. local low complexity uclouvain fedoraproject debian redhat oracle CWE-125	5.5
2021-01-05	CVE-2020-27841	Heap-based Buffer Overflow vulnerability in multiple products There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. local low complexity uclouvain fedoraproject debian oracle CWE-122	5.5
2021-01-05	CVE-2020-36158	Classic Buffer Overflow vulnerability in multiple products mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332. local low complexity linux fedoraproject debian netapp CWE-120	6.7
2021-01-04	CVE-2019-25013	Out-of-bounds Read vulnerability in multiple products The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. network high complexity gnu fedoraproject netapp broadcom debian CWE-125	5.9
2021-01-04	CVE-2020-24386	An issue was discovered in Dovecot before 2.3.13. network high complexity dovecot debian fedoraproject	6.8
2021-01-04	CVE-2020-35965	Out-of-bounds Write vulnerability in multiple products decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations. network low complexity ffmpeg debian CWE-787	5.0