Vulnerabilities > Fedoraproject > Fedora > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-29 | CVE-2020-15216 | Improper Verification of Cryptographic Signature vulnerability in multiple products In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one. | 6.5 |
| 2020-09-27 | CVE-2020-26120 | Cross-site Scripting vulnerability in multiple products XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. | 6.1 |
| 2020-09-27 | CVE-2020-25828 | Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. | 6.1 |
| 2020-09-27 | CVE-2020-25815 | Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. | 6.1 |
| 2020-09-27 | CVE-2020-25814 | Cross-site Scripting vulnerability in multiple products In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. | 6.1 |
| 2020-09-27 | CVE-2020-25813 | In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users. | 5.3 |
| 2020-09-27 | CVE-2020-25812 | Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki 1.34.x before 1.34.4. | 6.1 |
| 2020-09-23 | CVE-2020-25604 | Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 4.7 |
| 2020-09-23 | CVE-2020-25602 | Improper Handling of Exceptional Conditions vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |
| 2020-09-23 | CVE-2020-25601 | An issue was discovered in Xen through 4.14.x. | 5.5 |