Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2020-06-30 CVE-2020-15395 Out-of-bounds Read vulnerability in multiple products
In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing).
local
low complexity
mediaarea fedoraproject CWE-125
7.8
7.8
2020-06-29 CVE-2020-4067 In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. 7.5
7.5
2020-06-25 CVE-2020-11538 Out-of-bounds Read vulnerability in multiple products
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.
network
high complexity
python fedoraproject canonical CWE-125
8.1
8.1
2020-06-25 CVE-2020-10379 Classic Buffer Overflow vulnerability in multiple products
In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.
local
low complexity
python fedoraproject canonical CWE-120
7.8
7.8
2020-06-22 CVE-2020-4031 In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject.
network
low complexity
freerdp fedoraproject opensuse canonical debian
7.5
7.5
2020-06-19 CVE-2020-14929 Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
network
low complexity
alpine-project fedoraproject debian
7.5
7.5
2020-06-18 CVE-2017-9108 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu opensuse fedoraproject CWE-119
7.5
7.5
2020-06-18 CVE-2017-9107 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu fedoraproject CWE-119
7.5
7.5
2020-06-18 CVE-2017-9106 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu fedoraproject CWE-119
7.5
7.5
2020-06-18 CVE-2017-9105 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu fedoraproject CWE-476
8.8
8.8