Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-11-26	CVE-2020-25652	A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in `/run/spice-vdagentd/spice-vdagent-sock`. local low complexity spice-space debian fedoraproject	5.5
2020-11-26	CVE-2020-25651	A flaw was found in the SPICE file transfer protocol. local high complexity spice-space debian fedoraproject	6.4
2020-11-25	CVE-2020-25650	A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. local low complexity spice-space debian fedoraproject	5.5
2020-11-24	CVE-2020-28928	Out-of-bounds Write vulnerability in multiple products In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow). local low complexity musl-libc debian fedoraproject oracle CWE-787	5.5
2020-11-23	CVE-2020-28896	Improper Handling of Exceptional Conditions vulnerability in multiple products Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. network high complexity neomutt mutt debian CWE-755	5.3
2020-11-23	CVE-2020-0569	Out-of-bounds Write vulnerability in multiple products Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. low complexity intel debian canonical opensuse qt CWE-787	5.7
2020-11-23	CVE-2019-14587	Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access. low complexity tianocore debian	6.5
2020-11-23	CVE-2019-14562	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. local low complexity tianocore debian CWE-190	5.5
2020-11-20	CVE-2020-20739	Missing Initialization of Resource vulnerability in multiple products im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address. network low complexity libvips debian fedoraproject CWE-909	5.3
2020-11-20	CVE-2020-28974	Out-of-bounds Read vulnerability in multiple products A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. low complexity linux debian CWE-125	5.0