Vulnerabilities > Fedoraproject > Fedora > 31
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-08 | CVE-2020-27818 | Out-of-bounds Read vulnerability in multiple products A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. | 3.3 |
| 2020-11-12 | CVE-2020-8698 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2020-11-12 | CVE-2020-8696 | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products Improper removal of sensitive information before storage or transfer in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |
| 2020-11-12 | CVE-2020-8695 | Information Exposure Through Discrepancy vulnerability in multiple products Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 5.5 |
| 2020-11-06 | CVE-2017-18926 | Out-of-bounds Write vulnerability in multiple products raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml). | 7.1 |
| 2020-11-06 | CVE-2020-28196 | Uncontrolled Recursion vulnerability in multiple products MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. | 7.5 |
| 2020-11-06 | CVE-2020-16846 | OS Command Injection vulnerability in multiple products An issue was discovered in SaltStack Salt through 3002. | 9.8 |
| 2020-11-03 | CVE-2020-6557 | Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | 6.5 |
| 2020-11-03 | CVE-2020-16003 | Use After Free vulnerability in multiple products Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2020-11-03 | CVE-2020-16002 | Use After Free vulnerability in multiple products Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |