Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-12	CVE-2020-12823	Classic Buffer Overflow vulnerability in multiple products OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c. network low complexity infradead fedoraproject debian opensuse CWE-120 critical	9.8
2020-05-12	CVE-2020-8156	Improper Certificate Validation vulnerability in multiple products A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack. network high complexity nextcloud fedoraproject CWE-295	7.0
2020-05-12	CVE-2020-8153	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when when renaming an accessible item to the same name. network low complexity nextcloud fedoraproject CWE-732	8.1
2020-05-12	CVE-2020-8151	Incorrect Authorization vulnerability in multiple products There is a possible information disclosure issue in Active Resource <v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information. network low complexity rubyonrails fedoraproject CWE-863	7.5
2020-05-11	CVE-2018-1285	XXE vulnerability in multiple products Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. network low complexity apache fedoraproject oracle netapp CWE-611 critical	9.8
2020-05-11	CVE-2020-11866	Use After Free vulnerability in multiple products libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free. local low complexity libemf-project opensuse fedoraproject CWE-416	7.8
2020-05-11	CVE-2020-11865	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access. local low complexity libemf-project opensuse fedoraproject CWE-119	7.8
2020-05-11	CVE-2020-11864	libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2). local low complexity libemf-project opensuse fedoraproject	5.5
2020-05-11	CVE-2020-11863	libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2). local low complexity libemf-project opensuse fedoraproject	5.5
2020-05-11	CVE-2020-12783	Out-of-bounds Read vulnerability in multiple products Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. network low complexity exim fedoraproject debian canonical CWE-125	7.5