Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-29	CVE-2020-15393	Memory Leak vulnerability in multiple products In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. local low complexity linux debian opensuse canonical CWE-401	5.5
2020-06-29	CVE-2020-15389	Use After Free vulnerability in multiple products jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. network high complexity uclouvain debian oracle CWE-416	6.5
2020-06-26	CVE-2020-15306	Out-of-bounds Write vulnerability in multiple products An issue was discovered in OpenEXR before v2.5.2. local low complexity openexr fedoraproject opensuse debian canonical CWE-787	5.5
2020-06-26	CVE-2020-15305	Use After Free vulnerability in multiple products An issue was discovered in OpenEXR before 2.5.2. local low complexity openexr fedoraproject opensuse debian canonical CWE-416	5.5
2020-06-25	CVE-2020-10177	Out-of-bounds Read vulnerability in multiple products Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. local low complexity python debian fedoraproject canonical CWE-125	5.5
2020-06-24	CVE-2020-12863	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083. low complexity sane-project debian canonical opensuse CWE-125	4.3
2020-06-24	CVE-2020-12862	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082. low complexity sane-project debian canonical opensuse CWE-125	4.3
2020-06-24	CVE-2020-15011	Injection vulnerability in multiple products GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page. network low complexity gnu canonical debian CWE-74	4.3
2020-06-22	CVE-2020-4033	In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. network low complexity freerdp fedoraproject opensuse canonical debian	6.5
2020-06-22	CVE-2020-4032	In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. network low complexity freerdp opensuse fedoraproject canonical debian	4.3