Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-07	CVE-2020-14355	Classic Buffer Overflow vulnerability in multiple products Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. network low complexity spice-project redhat canonical debian opensuse CWE-120	6.6
2020-10-06	CVE-2020-25641	Infinite Loop vulnerability in multiple products A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. local low complexity linux redhat opensuse debian canonical CWE-835	5.5
2020-09-23	CVE-2020-14370	Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. network high complexity podman-project redhat fedoraproject CWE-212	5.3
2020-09-15	CVE-2020-14331	A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. low complexity linux redhat	6.6
2020-09-15	CVE-2020-10759	Unspecified vulnerability in Redhat Enterprise Linux 7.0/8.0 A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware. local low complexity redhat	6.0
2020-09-03	CVE-2020-14373	Use After Free vulnerability in multiple products A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. local low complexity artifex redhat CWE-416	5.5
2020-08-31	CVE-2020-14364	Out-of-bounds Write vulnerability in multiple products An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. local high complexity qemu redhat fedoraproject debian opensuse canonical CWE-787	5.0
2020-07-31	CVE-2020-14311	There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. local low complexity gnu redhat opensuse canonical	6.0
2020-07-31	CVE-2020-14310	Integer Overflow or Wraparound vulnerability in multiple products There is an issue on grub2 before version 2.06 at function read_section_as_string(). local low complexity gnu redhat opensuse canonical CWE-190	6.0
2020-07-29	CVE-2020-15707	Integer Overflow or Wraparound vulnerability in multiple products Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. local high complexity gnu redhat microsoft canonical debian suse opensuse netapp CWE-190	6.4