Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-22	CVE-2020-11095	In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. network low complexity freerdp fedoraproject opensuse canonical debian	5.4
2020-06-21	CVE-2020-14954	Injection vulnerability in multiple products Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. network high complexity mutt debian neomutt fedoraproject canonical opensuse CWE-74	5.9
2020-06-18	CVE-2020-14422	Use of Insufficiently Random Values vulnerability in multiple products Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created. network high complexity opensuse python fedoraproject oracle CWE-330	5.9
2020-06-18	CVE-2020-14416	Use After Free vulnerability in multiple products In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. local low complexity linux opensuse CWE-416	4.2
2020-06-17	CVE-2020-8619	Improper Resource Shutdown or Release vulnerability in multiple products In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. network low complexity isc fedoraproject opensuse debian canonical netapp CWE-404	4.9
2020-06-17	CVE-2020-8618	Reachable Assertion vulnerability in multiple products An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients. network low complexity isc opensuse netapp canonical CWE-617	4.9
2020-06-17	CVE-2020-14401	Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in LibVNCServer before 0.9.13. network low complexity libvncserver-project debian opensuse siemens CWE-190	6.5
2020-06-15	CVE-2020-0543	Incomplete Cleanup vulnerability in multiple products Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. local low complexity intel opensuse canonical fedoraproject siemens mcafee CWE-459	5.5
2020-06-15	CVE-2020-14093	Cleartext Transmission of Sensitive Information vulnerability in multiple products Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. network high complexity mutt canonical debian opensuse CWE-319	5.9
2020-06-12	CVE-2020-10732	A flaw was found in the Linux kernel's implementation of Userspace core dumps. local low complexity linux opensuse canonical netapp	4.4