Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-30	CVE-2020-15396	Race Condition vulnerability in multiple products In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. local low complexity hylafax-project ifax fedoraproject opensuse CWE-362	7.8
2020-06-30	CVE-2020-15395	Out-of-bounds Read vulnerability in multiple products In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing). local low complexity mediaarea fedoraproject CWE-125	7.8
2020-06-30	CVE-2017-18922	Out-of-bounds Write vulnerability in multiple products It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. network low complexity libvncserver-project canonical opensuse fedoraproject siemens CWE-787 critical	9.8
2020-06-29	CVE-2020-4067	In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. network low complexity coturn-project debian fedoraproject canonical opensuse	7.5
2020-06-29	CVE-2020-14002	Information Exposure Through Discrepancy vulnerability in multiple products PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. network high complexity putty netapp fedoraproject CWE-203	5.9
2020-06-26	CVE-2020-10753	Injection vulnerability in multiple products A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). network low complexity redhat fedoraproject opensuse linuxfoundation canonical CWE-74	6.5
2020-06-26	CVE-2020-15306	Out-of-bounds Write vulnerability in multiple products An issue was discovered in OpenEXR before v2.5.2. local low complexity openexr fedoraproject opensuse debian canonical CWE-787	5.5
2020-06-26	CVE-2020-15305	Use After Free vulnerability in multiple products An issue was discovered in OpenEXR before 2.5.2. local low complexity openexr fedoraproject opensuse debian canonical CWE-416	5.5
2020-06-26	CVE-2020-15304	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in OpenEXR before 2.5.2. local low complexity openexr fedoraproject opensuse CWE-476	5.5
2020-06-25	CVE-2020-11538	Out-of-bounds Read vulnerability in multiple products In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311. network high complexity python fedoraproject canonical CWE-125	8.1