Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-05	CVE-2010-5304	NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. network low complexity libvncserver-project fedoraproject CWE-476	7.5
2020-02-05	CVE-2020-5208	It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. network low complexity ipmitool-project debian fedoraproject opensuse	8.8
2020-02-04	CVE-2019-12528	An issue was discovered in Squid before 4.10. network low complexity squid-cache fedoraproject debian opensuse canonical	7.5
2020-02-04	CVE-2020-8450	Incorrect Calculation of Buffer Size vulnerability in multiple products An issue was discovered in Squid before 4.10. network low complexity squid-cache canonical opensuse fedoraproject debian CWE-131	7.3
2020-02-04	CVE-2020-8449	Exposure of Resource to Wrong Sphere vulnerability in multiple products An issue was discovered in Squid before 4.10. network low complexity squid-cache debian canonical opensuse fedoraproject CWE-668	7.5
2020-02-02	CVE-2019-20446	Resource Exhaustion vulnerability in multiple products In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. network low complexity gnome opensuse fedoraproject debian canonical netapp CWE-400	6.5
2020-01-31	CVE-2015-6815	Infinite Loop vulnerability in multiple products The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. low complexity qemu fedoraproject novell canonical redhat xen arista CWE-835	3.5
2020-01-31	CVE-2011-4088	Information Exposure vulnerability in multiple products ABRT might allow attackers to obtain sensitive information from crash reports. network low complexity abrt-project fedoraproject redhat CWE-200	7.5
2020-01-30	CVE-2020-8492	Resource Exhaustion vulnerability in multiple products Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. network low complexity python opensuse canonical fedoraproject debian CWE-400	6.5
2020-01-29	CVE-2019-20445	HTTP Request Smuggling vulnerability in multiple products HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. network low complexity netty debian fedoraproject canonical redhat apache CWE-444 critical	9.1