Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-11	CVE-2020-26418	Memory Leak vulnerability in multiple products Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. network low complexity wireshark fedoraproject debian oracle CWE-401	5.3
2020-12-11	CVE-2020-35132	Cross-site Scripting vulnerability in multiple products An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via get_request in lib/function.php. network low complexity phpldapadmin-project fedoraproject CWE-79	5.4
2020-12-11	CVE-2020-27828	There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. local low complexity jasper-project fedoraproject	7.8
2020-12-10	CVE-2020-29668	Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except one from an expired cookie) as the cookie value to authenticateAndRun. network high complexity sympa fedoraproject debian CWE-565	3.7
2020-12-09	CVE-2020-16592	Use After Free vulnerability in multiple products A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. local low complexity gnu netapp fedoraproject CWE-416	5.5
2020-12-09	CVE-2020-26257	Resource Exhaustion vulnerability in multiple products Matrix is an ecosystem for open federated Instant Messaging and VoIP. network low complexity matrix fedoraproject CWE-400	6.5
2020-12-09	CVE-2020-29661	Improper Locking vulnerability in multiple products A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. local low complexity linux fedoraproject debian netapp broadcom oracle CWE-667	7.8
2020-12-09	CVE-2020-29660	Improper Locking vulnerability in multiple products A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. local low complexity linux fedoraproject debian netapp broadcom CWE-667	4.4
2020-12-09	CVE-2020-29651	A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality. network low complexity pytest fedoraproject oracle	7.5
2020-12-08	CVE-2020-27918	Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. local low complexity apple fedoraproject debian webkitgtk CWE-416	7.8