| 2020-06-30 | CVE-2020-15396 | Race Condition vulnerability in multiple products
In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. | 7.8 |
| 2020-06-30 | CVE-2017-18922 | Out-of-bounds Write vulnerability in multiple products
It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. | 9.8 |
| 2020-06-29 | CVE-2020-15393 | Memory Leak vulnerability in multiple products
In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. | 5.5 |
| 2020-06-29 | CVE-2020-4067 | In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. | 7.5 |
| 2020-06-29 | CVE-2020-8014 | Unspecified vulnerability in Opensuse Leap and Tumbleweed Kopano-Spamd
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of kopano-spamd of openSUSE Leap 15.1, openSUSE Tumbleweed allowed local attackers with the privileges of the kopano user to escalate to root. | 7.8 |
| 2020-06-29 | CVE-2020-8022 | A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. | 7.8 |
| 2020-06-26 | CVE-2020-11996 | A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. | 7.5 |
| 2020-06-26 | CVE-2020-10769 | Out-of-bounds Read vulnerability in multiple products
A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. | 5.5 |
| 2020-06-26 | CVE-2020-10753 | Injection vulnerability in multiple products
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). | 6.5 |
| 2020-06-26 | CVE-2020-15306 | Out-of-bounds Write vulnerability in multiple products
An issue was discovered in OpenEXR before v2.5.2. | 5.5 |