Vulnerabilities > Fedoraproject > Fedora > 31

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-08	CVE-2020-12803	Improper Input Validation vulnerability in multiple products ODF documents can contain forms to be filled out by the user. network low complexity libreoffice opensuse fedoraproject CWE-20	6.5
2020-06-08	CVE-2020-12802	LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. network low complexity libreoffice fedoraproject opensuse	5.3
2020-06-05	CVE-2020-12723	Classic Buffer Overflow vulnerability in multiple products regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. network low complexity perl netapp fedoraproject opensuse oracle CWE-120	7.5
2020-06-05	CVE-2020-10878	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. network low complexity perl fedoraproject opensuse netapp oracle CWE-190	8.6
2020-06-05	CVE-2020-10543	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. network low complexity perl fedoraproject opensuse oracle CWE-190	8.2
2020-06-04	CVE-2020-13777	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). network high complexity gnu fedoraproject canonical debian CWE-327	7.4
2020-06-03	CVE-2020-11080	In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. network low complexity nghttp2 debian opensuse fedoraproject oracle nodejs	7.5
2020-06-03	CVE-2020-13379	Server-Side Request Forgery (SSRF) vulnerability in multiple products The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. network low complexity grafana fedoraproject netapp opensuse CWE-918	8.2
2020-06-02	CVE-2020-13775	NULL Pointer Dereference vulnerability in multiple products ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network. network low complexity znc fedoraproject CWE-476	6.5
2020-06-02	CVE-2020-13401	Improper Input Validation vulnerability in multiple products An issue was discovered in Docker Engine before 19.03.11. network high complexity docker fedoraproject debian broadcom CWE-20	6.0