Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-26	CVE-2020-15305	Use After Free vulnerability in multiple products An issue was discovered in OpenEXR before 2.5.2. local low complexity openexr fedoraproject opensuse debian canonical CWE-416	5.5
2020-06-26	CVE-2020-15304	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in OpenEXR before 2.5.2. local low complexity openexr fedoraproject opensuse CWE-476	5.5
2020-06-24	CVE-2020-15025	Memory Leak vulnerability in multiple products ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file. network low complexity ntp opensuse netapp oracle CWE-401	4.9
2020-06-24	CVE-2020-12866	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079. low complexity sane-project canonical opensuse CWE-476	5.7
2020-06-24	CVE-2020-12864	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081. low complexity sane-project opensuse canonical CWE-125	4.3
2020-06-24	CVE-2020-12863	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083. low complexity sane-project debian canonical opensuse CWE-125	4.3
2020-06-24	CVE-2020-12862	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082. low complexity sane-project debian canonical opensuse CWE-125	4.3
2020-06-22	CVE-2020-4033	In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. network low complexity freerdp fedoraproject opensuse canonical debian	6.5
2020-06-22	CVE-2020-4032	In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. network low complexity freerdp opensuse fedoraproject canonical debian	4.3
2020-06-22	CVE-2020-4030	In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. network low complexity freerdp fedoraproject opensuse canonical debian	6.5