Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-02	CVE-2020-25704	A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. local low complexity linux debian starwindsoftware	5.5
2020-12-02	CVE-2020-25656	A flaw was found in the Linux kernel. local high complexity linux redhat debian starwindsoftware	4.1
2020-12-01	CVE-2020-15257	containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. local low complexity linuxfoundation fedoraproject debian	5.2
2020-11-30	CVE-2020-25624	Out-of-bounds Read vulnerability in multiple products hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver. local high complexity qemu debian CWE-125	5.0
2020-11-28	CVE-2020-27218	In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. network high complexity eclipse netapp oracle apache debian	4.8
2020-11-26	CVE-2020-29130	Out-of-bounds Read vulnerability in multiple products slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. network low complexity libslirp-project debian fedoraproject CWE-125	4.3
2020-11-26	CVE-2020-29129	Out-of-bounds Read vulnerability in multiple products ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. network low complexity libslirp-project fedoraproject debian CWE-125	4.3
2020-11-26	CVE-2020-25653	Race Condition vulnerability in multiple products A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. local high complexity spice-space debian fedoraproject CWE-362	6.3
2020-11-26	CVE-2020-25652	A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in `/run/spice-vdagentd/spice-vdagent-sock`. local low complexity spice-space debian fedoraproject	5.5
2020-11-26	CVE-2020-25651	A flaw was found in the SPICE file transfer protocol. local high complexity spice-space debian fedoraproject	6.4