Vulnerabilities > Fedoraproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-22 | CVE-2020-11097 | Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. | 5.4 |
| 2020-06-22 | CVE-2020-11096 | Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. | 6.5 |
| 2020-06-22 | CVE-2020-11095 | Out-of-bounds Read vulnerability in multiple products In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. | 5.4 |
| 2020-06-21 | CVE-2020-14954 | Injection vulnerability in multiple products Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. | 5.9 |
| 2020-06-19 | CVE-2020-14929 | Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do. | 7.5 |
| 2020-06-18 | CVE-2020-13882 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. | 4.2 |
| 2020-06-18 | CVE-2019-13033 | Information Exposure vulnerability in multiple products In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. | 3.3 |
| 2020-06-18 | CVE-2017-9104 | Resource Exhaustion vulnerability in multiple products An issue was discovered in adns before 1.5.2. | 9.8 |
| 2020-06-18 | CVE-2017-9103 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in adns before 1.5.2. | 9.8 |
| 2020-06-18 | CVE-2020-14422 | Use of Insufficiently Random Values vulnerability in multiple products Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. | 5.9 |