Vulnerabilities > Fedoraproject > Fedora > 31

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-01	CVE-2020-13757	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. network low complexity python-rsa-project fedoraproject canonical CWE-327	7.5
2020-05-28	CVE-2020-13645	Improper Certificate Validation vulnerability in multiple products In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. network low complexity gnome canonical fedoraproject netapp broadcom CWE-295	6.5
2020-05-27	CVE-2020-10936	Improper Privilege Management vulnerability in multiple products Sympa before 6.2.56 allows privilege escalation. local low complexity sympa fedoraproject debian canonical CWE-269	7.8
2020-05-21	CVE-2020-12693	Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. network high complexity schedmd fedoraproject opensuse debian	8.1
2020-05-21	CVE-2020-6491	Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name. network low complexity google debian opensuse fedoraproject	6.5
2020-05-21	CVE-2020-6490	Exposure of Resource to Wrong Sphere vulnerability in multiple products Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-668	4.3
2020-05-21	CVE-2020-6489	Information Exposure vulnerability in multiple products Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-200	4.3
2020-05-21	CVE-2020-6488	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-276	4.3
2020-05-21	CVE-2020-6487	Incorrect Default Permissions vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject CWE-276	6.5
2020-05-21	CVE-2020-6486	Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. network low complexity google debian opensuse fedoraproject	6.5