Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-01-04 CVE-2020-24386 An issue was discovered in Dovecot before 2.3.13.
network
high complexity
dovecot debian fedoraproject
6.8
6.8
2021-01-04 CVE-2020-35496 There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu fedoraproject netapp broadcom
5.5
5.5
2021-01-04 CVE-2020-35495 There's a flaw in binutils /bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom
5.5
5.5
2021-01-04 CVE-2020-35494 There's a flaw in binutils /opcodes/tic4x-dis.c.
local
low complexity
gnu fedoraproject netapp broadcom
6.1
6.1
2021-01-04 CVE-2020-35493 A flaw exists in binutils in bfd/pef.c.
local
low complexity
gnu fedoraproject netapp broadcom
5.5
5.5
2020-12-31 CVE-2020-35884 HTTP Request Smuggling vulnerability in multiple products
An issue was discovered in the tiny_http crate through 2020-06-16 for Rust.
network
low complexity
tiny-http-project fedoraproject CWE-444
6.5
6.5
2020-12-28 CVE-2020-35730 Cross-site Scripting vulnerability in multiple products
An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10.
network
low complexity
roundcube fedoraproject debian CWE-79
6.1
6.1
2020-12-28 CVE-2020-35738 Integer Overflow or Wraparound vulnerability in multiple products
WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument.
local
low complexity
wavpack debian fedoraproject CWE-190
6.1
6.1
2020-12-26 CVE-2020-29385 Infinite Loop vulnerability in multiple products
GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes.
local
low complexity
gnome canonical fedoraproject CWE-835
5.5
5.5
2020-12-18 CVE-2020-35480 Information Exposure Through Discrepancy vulnerability in multiple products
An issue was discovered in MediaWiki before 1.35.1.
network
low complexity
mediawiki debian fedoraproject CWE-203
5.3
5.3