Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-03	CVE-2012-4451	Cross-site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) Debug, (2) Feed\PubSubHubbub, (3) Log\Formatter\Xml, (4) Tag\Cloud\Decorator, (5) Uri, (6) View\Helper\HeadStyle, (7) View\Helper\Navigation\Sitemap, or (8) View\Helper\Placeholder\Container\AbstractStandalone, related to Escaper. network low complexity zend fedoraproject redhat CWE-79	6.1
2020-01-03	CVE-2020-5313	Out-of-bounds Read vulnerability in multiple products libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. network low complexity python debian canonical fedoraproject CWE-125	7.1
2020-01-03	CVE-2020-5312	Classic Buffer Overflow vulnerability in multiple products libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. network low complexity python canonical debian fedoraproject CWE-120 critical	9.8
2020-01-03	CVE-2020-5311	Classic Buffer Overflow vulnerability in multiple products libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. network low complexity python debian canonical fedoraproject CWE-120 critical	9.8
2020-01-03	CVE-2020-5310	Integer Overflow or Wraparound vulnerability in multiple products libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. network low complexity python canonical fedoraproject CWE-190	8.8
2020-01-02	CVE-2013-4752	Cross-site Scripting vulnerability in multiple products Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5, and 2.3.X before 2.3.3 have an issue in the HttpFoundation component. network low complexity sensiolabs fedoraproject CWE-79	6.1
2019-12-31	CVE-2013-4357	Classic Buffer Overflow vulnerability in multiple products The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. network low complexity eglibc novell debian canonical fedoraproject CWE-120	7.5
2019-12-31	CVE-2013-4161	Improper Privilege Management vulnerability in multiple products gksu-polkit-0.0.3-6.fc18 was reported as fixing the issue in CVE-2012-5617 but the patch was improperly applied and it did not fixed the security issue. local low complexity gksu-polkit-project fedoraproject CWE-269	7.8
2019-12-31	CVE-2019-20176	Resource Exhaustion vulnerability in multiple products In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the listdir function in ls.c. network low complexity pureftpd fedoraproject CWE-400	7.5
2019-12-30	CVE-2012-5645	Resource Exhaustion vulnerability in multiple products A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. network low complexity freeciv fedoraproject CWE-400	7.5