Vulnerabilities > Fedoraproject > Fedora > 31

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-12	CVE-2020-4046	Cross-site Scripting vulnerability in multiple products In affected versions of WordPress, users with low privileges (like contributors and authors) can use the embed block in a certain way to inject unfiltered HTML in the block editor. network low complexity wordpress debian fedoraproject CWE-79	5.4
2020-06-10	CVE-2020-2026	Link Following vulnerability in multiple products A malicious guest compromised before a container creation (e.g. local low complexity katacontainers fedoraproject CWE-59	8.8
2020-06-09	CVE-2020-10757	Type Confusion vulnerability in multiple products A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. local low complexity linux opensuse redhat fedoraproject debian canonical netapp CWE-843	7.8
2020-06-09	CVE-2020-13965	Cross-site Scripting vulnerability in multiple products An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. network low complexity roundcube debian fedoraproject CWE-79	6.1
2020-06-09	CVE-2020-13964	Cross-site Scripting vulnerability in multiple products An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. network low complexity roundcube fedoraproject debian CWE-79	6.1
2020-06-09	CVE-2020-13962	Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. network low complexity mumble qt fedoraproject opensuse	7.5
2020-06-08	CVE-2020-10754	Missing Authentication for Critical Function vulnerability in multiple products It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. network low complexity gnome fedoraproject CWE-306	4.3
2020-06-08	CVE-2020-13696	Incorrect Authorization vulnerability in multiple products An issue was discovered in LinuxTV xawtv before 3.107. local low complexity linuxtv debian opensuse fedoraproject canonical CWE-863	4.4
2020-06-08	CVE-2020-13625	Improper Encoding or Escaping of Output vulnerability in multiple products PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. network low complexity phpmailer-project fedoraproject canonical debian CWE-116	7.5
2020-06-08	CVE-2020-12695	Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. network high complexity ui w1-fi asus broadcom canon cisco dlink dell epson hp huawei nec netgear ruckussecurity tp-link zte zyxel microsoft fedoraproject debian canonical CWE-276	7.5