Vulnerabilities > Fedoraproject > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-08-26 CVE-2020-24661 Improper Certificate Validation vulnerability in multiple products
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store.
network
high complexity
gnome fedoraproject CWE-295
5.9
2020-08-24 CVE-2020-24612 Improper Authentication vulnerability in Fedoraproject Selinux-Policy 20200824/3.14
An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the .config/Yubico directory is mishandled.
local
high complexity
fedoraproject CWE-287
4.7
2020-08-24 CVE-2020-14367 Link Following vulnerability in multiple products
A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder.
local
low complexity
tuxfamily fedoraproject canonical CWE-59
6.0
2020-08-21 CVE-2020-8624 Improper Privilege Management vulnerability in multiple products
In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, and also 9.9.12-S1 -> 9.9.13-S1 and 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, an attacker who has been granted privileges to change a specific subset of the zone's content could abuse these unintended additional privileges to update other contents of the zone.
4.3
2020-08-21 CVE-2020-8622 Reachable Assertion vulnerability in multiple products
In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, and also 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, an attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure and causing the server to exit.
6.5
2020-08-17 CVE-2020-24370 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).
network
low complexity
lua fedoraproject debian CWE-191
5.3
2020-08-13 CVE-2020-24332 Link Following vulnerability in multiple products
An issue was discovered in TrouSerS through 0.3.14.
5.5
2020-08-13 CVE-2020-17498 Double Free vulnerability in multiple products
In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash.
network
low complexity
wireshark fedoraproject opensuse oracle CWE-415
6.5
2020-08-12 CVE-2020-17507 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1.
network
low complexity
qt debian fedoraproject CWE-125
5.3
2020-08-12 CVE-2020-16145 Cross-site Scripting vulnerability in multiple products
Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document.
network
low complexity
roundcube fedoraproject CWE-79
6.1