Vulnerabilities > Fedoraproject > Fedora > 31

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-20	CVE-2020-13249	libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. network low complexity mariadb opensuse fedoraproject	8.8
2020-05-20	CVE-2020-11078	CRLF Injection vulnerability in multiple products In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. network high complexity httplib2-project fedoraproject debian CWE-93	6.8
2020-05-20	CVE-2020-13231	Cross-Site Request Forgery (CSRF) vulnerability in multiple products In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change. network low complexity cacti fedoraproject CWE-352	6.5
2020-05-20	CVE-2020-13230	Improper Preservation of Permissions vulnerability in multiple products In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs). network low complexity cacti debian fedoraproject CWE-281	4.3
2020-05-19	CVE-2020-13164	Uncontrolled Recursion vulnerability in multiple products In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. network low complexity wireshark debian opensuse fedoraproject CWE-674	7.5
2020-05-19	CVE-2020-10995	Resource Exhaustion vulnerability in multiple products PowerDNS Recursor from 4.1.0 up to and including 4.3.0 does not sufficiently defend against amplification attacks. network low complexity powerdns fedoraproject debian opensuse CWE-400	7.5
2020-05-19	CVE-2020-8617	Reachable Assertion vulnerability in multiple products Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. network high complexity isc debian fedoraproject opensuse canonical CWE-617	5.9
2020-05-19	CVE-2020-12663	Infinite Loop vulnerability in multiple products Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers. network low complexity nlnetlabs debian opensuse canonical fedoraproject CWE-835	7.5
2020-05-19	CVE-2020-12662	Resource Exhaustion vulnerability in multiple products Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. network low complexity nlnetlabs debian opensuse canonical fedoraproject CWE-400	7.5
2020-05-19	CVE-2020-12244	Improper Verification of Cryptographic Signature vulnerability in multiple products An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation. network low complexity powerdns fedoraproject debian opensuse CWE-347	7.5