Vulnerabilities > Fedoraproject > Fedora > 31

DATE CVE VULNERABILITY TITLE RISK
2020-06-09 CVE-2020-13965 Cross-site Scripting vulnerability in multiple products
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5.
network
low complexity
roundcube debian fedoraproject CWE-79
6.1
2020-06-09 CVE-2020-13964 Cross-site Scripting vulnerability in multiple products
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5.
network
low complexity
roundcube fedoraproject debian CWE-79
6.1
2020-06-09 CVE-2020-13962 Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users.
network
low complexity
mumble qt fedoraproject opensuse
7.5
2020-06-08 CVE-2020-10754 Missing Authentication for Critical Function vulnerability in multiple products
It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile.
network
low complexity
gnome fedoraproject CWE-306
4.3
2020-06-08 CVE-2020-13696 Incorrect Authorization vulnerability in multiple products
An issue was discovered in LinuxTV xawtv before 3.107.
4.4
2020-06-08 CVE-2020-13625 Improper Encoding or Escaping of Output vulnerability in multiple products
PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character.
7.5
2020-06-08 CVE-2020-12695 Incorrect Default Permissions vulnerability in multiple products
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
7.5
2020-06-08 CVE-2020-12803 Improper Input Validation vulnerability in multiple products
ODF documents can contain forms to be filled out by the user.
network
low complexity
libreoffice opensuse fedoraproject CWE-20
6.5
2020-06-08 CVE-2020-12802 LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources.
network
low complexity
libreoffice fedoraproject opensuse
5.3
2020-06-05 CVE-2020-12723 Classic Buffer Overflow vulnerability in multiple products
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
network
low complexity
perl netapp fedoraproject opensuse oracle CWE-120
7.5