Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-15	CVE-2020-0499	Out-of-bounds Read vulnerability in multiple products In FLAC__bitreader_read_rice_signed_block of bitreader.c, there is a possible out of bounds read due to a heap buffer overflow. network low complexity google debian fedoraproject CWE-125	4.3
2020-12-12	CVE-2020-35176	Path Traversal vulnerability in multiple products In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/awstats.conf format. network low complexity awstats debian fedoraproject CWE-22	5.3
2020-12-11	CVE-2020-27825	A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). local high complexity linux redhat debian netapp	5.7
2020-12-11	CVE-2020-26421	Out-of-bounds Read vulnerability in multiple products Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. network low complexity wireshark fedoraproject debian oracle CWE-125	5.3
2020-12-11	CVE-2020-26418	Memory Leak vulnerability in multiple products Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. network low complexity wireshark fedoraproject debian oracle CWE-401	5.3
2020-12-09	CVE-2020-16589	Out-of-bounds Write vulnerability in multiple products A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file. local low complexity openexr debian CWE-787	5.5
2020-12-09	CVE-2020-16588	NULL Pointer Dereference vulnerability in multiple products A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file. local low complexity openexr debian CWE-476	5.5
2020-12-09	CVE-2020-16587	Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file. local low complexity openexr debian CWE-787	5.5
2020-12-09	CVE-2020-29660	Improper Locking vulnerability in multiple products A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. local low complexity linux fedoraproject debian netapp broadcom CWE-667	4.4
2020-12-08	CVE-2020-27821	Out-of-bounds Write vulnerability in multiple products A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. local low complexity qemu debian CWE-787	6.0