Vulnerabilities > Fedoraproject > Fedora > 31

DATE	CVE	VULNERABILITY TITLE	RISK
2020-10-06	CVE-2020-25862	Improper Validation of Integrity Check Value vulnerability in multiple products In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. network low complexity wireshark fedoraproject opensuse debian oracle CWE-354	7.5
2020-10-02	CVE-2020-7070	Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. network low complexity php fedoraproject debian opensuse canonical netapp tenable CWE-565	5.3
2020-10-02	CVE-2020-7069	Inadequate Encryption Strength vulnerability in multiple products In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. network low complexity php fedoraproject debian opensuse canonical netapp oracle tenable CWE-326	6.5
2020-10-01	CVE-2020-11979	As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. network low complexity apache gradle fedoraproject oracle	7.5
2020-09-27	CVE-2020-26116	Injection vulnerability in multiple products http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. network low complexity python fedoraproject canonical netapp debian oracle opensuse CWE-74	7.2
2020-09-23	CVE-2020-25604	Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.14.x. local high complexity xen fedoraproject debian opensuse CWE-362	4.7
2020-09-23	CVE-2020-25603	Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Xen through 4.14.x. local low complexity xen fedoraproject opensuse debian CWE-670	7.8
2020-09-23	CVE-2020-25602	Improper Handling of Exceptional Conditions vulnerability in multiple products An issue was discovered in Xen through 4.14.x. local low complexity xen fedoraproject debian opensuse CWE-755	6.0
2020-09-23	CVE-2020-25601	An issue was discovered in Xen through 4.14.x. local low complexity xen debian fedoraproject opensuse	5.5
2020-09-23	CVE-2020-25600	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Xen through 4.14.x. local low complexity xen fedoraproject opensuse debian CWE-787	5.5