Vulnerabilities > Fedoraproject > Fedora > 31

DATE CVE VULNERABILITY TITLE RISK
2020-09-23 CVE-2020-25599 Race Condition vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
high complexity
xen fedoraproject opensuse debian CWE-362
7.0
7.0
2020-09-23 CVE-2020-25598 Always-Incorrect Control Flow Implementation vulnerability in multiple products
An issue was discovered in Xen 4.14.x.
local
low complexity
xen fedoraproject opensuse CWE-670
5.5
5.5
2020-09-23 CVE-2020-25597 Improper Handling of Exceptional Conditions vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen fedoraproject CWE-755
6.5
6.5
2020-09-23 CVE-2020-25596 Injection vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen fedoraproject debian opensuse CWE-74
5.5
5.5
2020-09-23 CVE-2020-25595 Improper Privilege Management vulnerability in multiple products
An issue was discovered in Xen through 4.14.x.
local
low complexity
xen fedoraproject debian opensuse CWE-269
7.8
7.8
2020-09-23 CVE-2020-14370 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5.
network
high complexity
podman-project redhat fedoraproject CWE-212
5.3
5.3
2020-09-21 CVE-2020-6576 Use After Free vulnerability in multiple products
Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-416
8.8
8.8
2020-09-21 CVE-2020-6575 Race Condition vulnerability in multiple products
Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
high complexity
google debian opensuse fedoraproject CWE-362
8.3
8.3
2020-09-21 CVE-2020-6574 Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.
local
low complexity
google opensuse debian fedoraproject
7.8
7.8
2020-09-21 CVE-2020-6573 Use After Free vulnerability in multiple products
Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian opensuse fedoraproject CWE-416
critical
 9.6
9.6