Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-07-02	CVE-2020-9497	Improper Input Validation vulnerability in multiple products Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels. local high complexity apache fedoraproject debian CWE-20	4.4
2020-06-29	CVE-2020-15393	Memory Leak vulnerability in multiple products In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. local low complexity linux debian opensuse canonical CWE-401	5.5
2020-06-29	CVE-2020-15389	Use After Free vulnerability in multiple products jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. network high complexity uclouvain debian oracle CWE-416	6.5
2020-06-26	CVE-2020-15306	Out-of-bounds Write vulnerability in multiple products An issue was discovered in OpenEXR before v2.5.2. local low complexity openexr fedoraproject opensuse debian canonical CWE-787	5.5
2020-06-26	CVE-2020-15305	Use After Free vulnerability in multiple products An issue was discovered in OpenEXR before 2.5.2. local low complexity openexr fedoraproject opensuse debian canonical CWE-416	5.5
2020-06-25	CVE-2020-10177	Out-of-bounds Read vulnerability in multiple products Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. local low complexity python debian fedoraproject canonical CWE-125	5.5
2020-06-24	CVE-2020-12863	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083. low complexity sane-project debian canonical opensuse CWE-125	4.3
2020-06-24	CVE-2020-12862	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082. low complexity sane-project debian canonical opensuse CWE-125	4.3
2020-06-24	CVE-2020-15011	Injection vulnerability in multiple products GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page. network low complexity gnu canonical debian CWE-74	4.3
2020-06-22	CVE-2020-4033	In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. network low complexity freerdp fedoraproject opensuse canonical debian	6.5