High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-26	CVE-2021-3115	Uncontrolled Search Path Element vulnerability in multiple products Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and remote code execution when using the "go get" command to fetch modules that make use of cgo (for example, cgo can execute a gcc program from an untrusted download). network high complexity golang fedoraproject netapp CWE-427	7.5
2021-01-20	CVE-2020-25682	A flaw was found in dnsmasq before 2.83. network high complexity thekelleys fedoraproject debian	8.1
2021-01-20	CVE-2020-25681	A flaw was found in dnsmasq before version 2.83. network high complexity thekelleys fedoraproject debian	8.1
2021-01-19	CVE-2020-14409	Integer Overflow or Wraparound vulnerability in multiple products SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file. local low complexity libsdl fedoraproject debian starwindsoftware CWE-190	7.8
2021-01-18	CVE-2020-36193	Link Following vulnerability in multiple products Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. network low complexity php fedoraproject debian drupal CWE-59	7.5
2021-01-15	CVE-2020-35733	Improper Certificate Validation vulnerability in multiple products An issue was discovered in Erlang/OTP before 23.2.2. network low complexity erlang fedoraproject CWE-295	7.5
2021-01-13	CVE-2020-26262	Coturn is free open source implementation of TURN and STUN Server. network low complexity coturn-project fedoraproject	7.2
2021-01-13	CVE-2020-28374	Path Traversal vulnerability in multiple products In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. network low complexity linux fedoraproject debian CWE-22	8.1
2021-01-12	CVE-2021-23240	Link Following vulnerability in multiple products selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. local low complexity sudo-project netapp fedoraproject CWE-59	7.8
2021-01-12	CVE-2020-35654	Out-of-bounds Write vulnerability in multiple products In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. network low complexity python fedoraproject CWE-787	8.8