Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-15	CVE-2020-8927	Classic Buffer Overflow vulnerability in multiple products A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. network low complexity google debian fedoraproject canonical opensuse microsoft CWE-120	6.5
2020-09-11	CVE-2020-14363	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow vulnerability leading to a double-free was found in libX11. local low complexity x-org fedoraproject CWE-190	7.8
2020-09-11	CVE-2020-15169	In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View's translation helpers. network low complexity action-view-project debian fedoraproject	6.1
2020-09-11	CVE-2020-15166	In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. network low complexity zeromq fedoraproject debian	7.5
2020-09-09	CVE-2020-25219	Uncontrolled Recursion vulnerability in multiple products url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. network low complexity libproxy-project debian fedoraproject opensuse canonical CWE-674	7.5
2020-09-09	CVE-2020-25211	Classic Buffer Overflow vulnerability in multiple products In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff. local low complexity linux debian fedoraproject CWE-120	6.0
2020-09-09	CVE-2020-14342	OS Command Injection vulnerability in multiple products It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands. local high complexity samba fedoraproject opensuse CWE-78	7.0
2020-09-04	CVE-2020-24659	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in GnuTLS before 3.6.15. network low complexity gnu fedoraproject opensuse canonical CWE-476	7.5
2020-09-04	CVE-2020-24977	Out-of-bounds Read vulnerability in multiple products GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. network low complexity xmlsoft debian fedoraproject opensuse netapp oracle CWE-125	6.5
2020-09-02	CVE-2020-15094	In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests. network low complexity sensiolabs fedoraproject	8.8