Vulnerabilities > Fedoraproject > Fedora > 34
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-09 | CVE-2020-13977 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. | 4.9 |
2020-05-26 | CVE-2020-13614 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in ssl.c in Axel before 2.17.8. | 5.9 |
2020-04-27 | CVE-2020-12272 | Authentication Bypass by Spoofing vulnerability in multiple products OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. | 5.3 |
2020-04-27 | CVE-2019-20790 | Authentication Bypass by Spoofing vulnerability in multiple products OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field. | 9.8 |
2020-01-13 | CVE-2020-6860 | Out-of-bounds Write vulnerability in multiple products libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute. | 8.8 |
2019-12-13 | CVE-2019-19787 | Out-of-bounds Write vulnerability in multiple products ATasm 1.06 has a stack-based buffer overflow in the get_signed_expression() function in setparse.c via a crafted .m65 file. | 7.8 |
2019-12-13 | CVE-2019-19786 | Out-of-bounds Write vulnerability in multiple products ATasm 1.06 has a stack-based buffer overflow in the parse_expr() function in setparse.c via a crafted .m65 file. | 7.8 |
2019-12-13 | CVE-2019-19785 | Out-of-bounds Write vulnerability in multiple products ATasm 1.06 has a stack-based buffer overflow in the to_comma() function in asm.c via a crafted .m65 file. | 7.8 |
2019-12-09 | CVE-2019-19648 | Out-of-bounds Read vulnerability in multiple products In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. | 7.8 |
2019-01-31 | CVE-2019-7282 | In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . | 5.9 |