Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-29	CVE-2020-15389	Use After Free vulnerability in multiple products jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. network high complexity uclouvain debian oracle CWE-416	6.5
2020-06-26	CVE-2020-15306	Out-of-bounds Write vulnerability in multiple products An issue was discovered in OpenEXR before v2.5.2. local low complexity openexr fedoraproject opensuse debian canonical CWE-787	5.5
2020-06-26	CVE-2020-15305	Use After Free vulnerability in multiple products An issue was discovered in OpenEXR before 2.5.2. local low complexity openexr fedoraproject opensuse debian canonical CWE-416	5.5
2020-06-25	CVE-2020-10177	Out-of-bounds Read vulnerability in multiple products Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c. local low complexity python debian fedoraproject canonical CWE-125	5.5
2020-06-24	CVE-2020-9494	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and spin the thread. network low complexity apache debian CWE-119	5.0
2020-06-24	CVE-2020-12863	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083. low complexity sane-project debian canonical opensuse CWE-125	4.3
2020-06-24	CVE-2020-12862	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082. low complexity sane-project debian canonical opensuse CWE-125	4.3
2020-06-22	CVE-2020-4033	Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. network low complexity freerdp fedoraproject opensuse canonical debian CWE-125	6.5
2020-06-22	CVE-2020-4032	Incorrect Conversion between Numeric Types vulnerability in multiple products In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. network low complexity freerdp opensuse fedoraproject canonical debian CWE-681	4.3
2020-06-22	CVE-2020-4030	Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. network low complexity freerdp fedoraproject opensuse canonical debian CWE-125	6.5