Vulnerabilities > Fedoraproject > Fedora > 31
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-17 | CVE-2019-3996 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests. | 6.5 |
| 2019-12-17 | CVE-2019-3995 | NULL Pointer Dereference vulnerability in multiple products ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. | 7.5 |
| 2019-12-17 | CVE-2019-3994 | Use After Free vulnerability in multiple products ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. | 7.5 |
| 2019-12-17 | CVE-2019-3993 | Cleartext Transmission of Sensitive Information vulnerability in multiple products ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. | 7.5 |
| 2019-12-17 | CVE-2019-3992 | Cleartext Transmission of Sensitive Information vulnerability in multiple products ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. | 7.5 |
| 2019-12-16 | CVE-2019-19783 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. | 6.5 |
| 2019-12-15 | CVE-2019-19797 | Out-of-bounds Write vulnerability in multiple products read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. | 5.5 |
| 2019-12-13 | CVE-2019-19722 | NULL Pointer Dereference vulnerability in multiple products In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. | 5.3 |
| 2019-12-13 | CVE-2019-16777 | Improper Privilege Management vulnerability in multiple products Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite. | 6.5 |
| 2019-12-13 | CVE-2019-16776 | Path Traversal vulnerability in multiple products Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. | 8.1 |