High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-30	CVE-2020-15049	HTTP Request Smuggling vulnerability in multiple products An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. network low complexity squid-cache fedoraproject CWE-444	8.8
2020-06-30	CVE-2020-15396	Race Condition vulnerability in multiple products In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. local low complexity hylafax-project ifax fedoraproject opensuse CWE-362	7.8
2020-06-30	CVE-2020-15395	Out-of-bounds Read vulnerability in multiple products In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing). local low complexity mediaarea fedoraproject CWE-125	7.8
2020-06-29	CVE-2020-4067	Improper Initialization vulnerability in multiple products In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. network low complexity coturn-project debian fedoraproject canonical opensuse CWE-665	7.5
2020-06-25	CVE-2020-11538	Out-of-bounds Read vulnerability in multiple products In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311. network high complexity python fedoraproject canonical CWE-125	8.1
2020-06-25	CVE-2020-10379	Classic Buffer Overflow vulnerability in multiple products In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. local low complexity python fedoraproject canonical CWE-120	7.8
2020-06-22	CVE-2020-4031	Use After Free vulnerability in multiple products In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. network low complexity freerdp fedoraproject opensuse canonical debian CWE-416	7.5
2020-06-19	CVE-2020-14929	Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do. network low complexity alpine-project fedoraproject debian	7.5
2020-06-18	CVE-2017-9108	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in adns before 1.5.2. network low complexity gnu opensuse fedoraproject CWE-119	7.5
2020-06-18	CVE-2017-9107	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in adns before 1.5.2. network low complexity gnu fedoraproject CWE-119	7.5