Vulnerabilities > Fedoraproject > Fedora > 34

DATE CVE VULNERABILITY TITLE RISK
2020-06-09 CVE-2020-13977 Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products
Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files.
network
low complexity
nagios fedoraproject CWE-829
4.9
4.9
2020-05-26 CVE-2020-13614 Improper Certificate Validation vulnerability in multiple products
An issue was discovered in ssl.c in Axel before 2.17.8.
network
high complexity
axel-project fedoraproject opensuse CWE-295
5.9
5.9
2020-04-27 CVE-2020-12272 Authentication Bypass by Spoofing vulnerability in multiple products
OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message.
network
low complexity
trusteddomain fedoraproject CWE-290
5.3
5.3
2020-04-27 CVE-2019-20790 Authentication Bypass by Spoofing vulnerability in multiple products
OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.
network
low complexity
trusteddomain pypolicyd-spf-project fedoraproject CWE-290
critical
 9.8
9.8
2020-01-13 CVE-2020-6860 Out-of-bounds Write vulnerability in multiple products
libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute.
network
low complexity
symonics fedoraproject CWE-787
8.8
8.8
2019-12-13 CVE-2019-19787 Out-of-bounds Write vulnerability in multiple products
ATasm 1.06 has a stack-based buffer overflow in the get_signed_expression() function in setparse.c via a crafted .m65 file.
local
low complexity
atasm-project fedoraproject CWE-787
7.8
7.8
2019-12-13 CVE-2019-19786 Out-of-bounds Write vulnerability in multiple products
ATasm 1.06 has a stack-based buffer overflow in the parse_expr() function in setparse.c via a crafted .m65 file.
local
low complexity
atasm-project fedoraproject CWE-787
7.8
7.8
2019-12-13 CVE-2019-19785 Out-of-bounds Write vulnerability in multiple products
ATasm 1.06 has a stack-based buffer overflow in the to_comma() function in asm.c via a crafted .m65 file.
local
low complexity
atasm-project fedoraproject CWE-787
7.8
7.8
2019-12-09 CVE-2019-19648 Out-of-bounds Read vulnerability in multiple products
In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size.
local
low complexity
virustotal fedoraproject CWE-125
7.8
7.8
2019-01-31 CVE-2019-7282 In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of .
network
high complexity
netkit debian fedoraproject
5.9
5.9