Vulnerabilities > Fedoraproject > Fedora > 31

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-09	CVE-2020-25211	Classic Buffer Overflow vulnerability in multiple products In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff. local low complexity linux debian fedoraproject CWE-120	6.0
2020-09-04	CVE-2020-24977	Out-of-bounds Read vulnerability in multiple products GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. network low complexity xmlsoft debian fedoraproject opensuse netapp oracle CWE-125	6.5
2020-09-02	CVE-2020-15811	Incorrect Comparison vulnerability in multiple products An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. network low complexity squid-cache canonical debian fedoraproject opensuse CWE-697	6.5
2020-09-02	CVE-2020-15810	HTTP Request Smuggling vulnerability in multiple products An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. network low complexity squid-cache canonical debian fedoraproject opensuse CWE-444	6.5
2020-09-02	CVE-2020-16150	Information Exposure Through Discrepancy vulnerability in multiple products A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. local low complexity arm fedoraproject debian CWE-203	5.5
2020-09-01	CVE-2020-24584	Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). network low complexity djangoproject canonical fedoraproject oracle CWE-276	7.5
2020-09-01	CVE-2020-24583	Incorrect Default Permissions vulnerability in multiple products An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). network low complexity djangoproject canonical fedoraproject oracle CWE-276	7.5
2020-08-31	CVE-2020-14364	Out-of-bounds Write vulnerability in multiple products An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. local high complexity qemu redhat fedoraproject debian opensuse canonical CWE-787	5.0
2020-08-30	CVE-2020-14352	Path Traversal vulnerability in multiple products A flaw was found in librepo in versions before 1.12.1. network low complexity redhat opensuse fedoraproject CWE-22	8.0
2020-08-26	CVE-2020-24661	Improper Certificate Validation vulnerability in multiple products GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. network high complexity gnome fedoraproject CWE-295	5.9