Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-20	CVE-2020-25687	A flaw was found in dnsmasq before version 2.83. network high complexity thekelleys fedoraproject debian	5.9
2021-01-20	CVE-2020-25683	A flaw was found in dnsmasq before version 2.83. network high complexity thekelleys fedoraproject debian	5.9
2021-01-19	CVE-2020-14410	Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file. network low complexity libsdl debian fedoraproject CWE-125	5.4
2021-01-19	CVE-2021-3181	Memory Leak vulnerability in multiple products rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). network low complexity mutt debian fedoraproject CWE-401	6.5
2021-01-19	CVE-2021-3178	Path Traversal vulnerability in multiple products fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. network low complexity linux fedoraproject debian CWE-22	6.5
2021-01-12	CVE-2020-25657	A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. network high complexity m2crypto-project redhat fedoraproject	5.9
2021-01-12	CVE-2020-35655	Out-of-bounds Read vulnerability in multiple products In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read when decoding crafted SGI RLE image files because offsets and length tables are mishandled. network low complexity python fedoraproject CWE-125	5.4
2021-01-08	CVE-2020-25678	A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. local low complexity redhat fedoraproject	4.4
2021-01-06	CVE-2020-8287	HTTP Request Smuggling vulnerability in multiple products Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). network low complexity nodejs debian fedoraproject oracle siemens CWE-444	6.5
2021-01-05	CVE-2020-27845	There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. local low complexity uclouvain fedoraproject debian oracle	5.5