Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-12	CVE-2020-8955	Classic Buffer Overflow vulnerability in multiple products irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel mode). network low complexity weechat fedoraproject opensuse debian CWE-120 critical	9.8
2020-02-12	CVE-2020-8945	Use After Free vulnerability in multiple products The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. network high complexity gpgme-project redhat fedoraproject CWE-416	7.5
2020-02-12	CVE-2020-7957	Improper Input Validation vulnerability in multiple products The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing > character exists. network low complexity dovecot fedoraproject CWE-20	5.3
2020-02-12	CVE-2020-7046	Infinite Loop vulnerability in multiple products lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login infinite loop. network low complexity dovecot fedoraproject CWE-835	7.5
2020-02-11	CVE-2020-6416	Improper Input Validation vulnerability in multiple products Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse redhat CWE-20	8.8
2020-02-11	CVE-2020-6415	Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse opensuse redhat CWE-787	8.8
2020-02-11	CVE-2020-6408	Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page. network low complexity google opensuse fedoraproject debian suse redhat	6.5
2020-02-11	CVE-2020-6406	Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject debian suse redhat CWE-416	8.8
2020-02-11	CVE-2020-6404	Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. network low complexity google opensuse fedoraproject debian suse redhat CWE-787	8.8
2020-02-11	CVE-2020-6403	Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. network low complexity google opensuse fedoraproject debian suse redhat	4.3