Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-22	CVE-2020-4030	Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. network low complexity freerdp fedoraproject opensuse canonical debian CWE-125	6.5
2020-06-22	CVE-2020-11099	Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. network low complexity freerdp opensuse fedoraproject canonical debian CWE-125	6.5
2020-06-22	CVE-2020-11098	Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. network low complexity freerdp fedoraproject opensuse canonical debian CWE-125	6.5
2020-06-22	CVE-2020-11097	Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. network low complexity freerdp fedoraproject opensuse canonical debian CWE-125	5.4
2020-06-22	CVE-2020-11096	Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. network low complexity freerdp fedoraproject opensuse canonical debian CWE-125	6.5
2020-06-22	CVE-2020-11095	Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. network low complexity freerdp fedoraproject opensuse canonical debian CWE-125	5.4
2020-06-21	CVE-2020-14954	Injection vulnerability in multiple products Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. network high complexity mutt debian neomutt fedoraproject canonical opensuse CWE-74	5.9
2020-06-19	CVE-2020-8167	Cross-Site Request Forgery (CSRF) vulnerability in multiple products A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains. network rubyonrails debian CWE-352	4.3
2020-06-19	CVE-2020-8164	Deserialization of Untrusted Data vulnerability in multiple products A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. network low complexity rubyonrails debian opensuse CWE-502	5.0
2020-06-19	CVE-2020-8162	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user bypassing upload limits. network low complexity rubyonrails debian CWE-434	5.0