Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-07-15 CVE-2020-14547 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp fedoraproject canonical
4.9
4.9
2020-07-15 CVE-2020-14540 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML).
network
low complexity
oracle netapp fedoraproject canonical
4.9
4.9
2020-07-15 CVE-2020-14539 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp fedoraproject canonical
6.5
6.5
2020-07-09 CVE-2020-12402 Information Exposure Through Discrepancy vulnerability in multiple products
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow.
local
high complexity
mozilla opensuse fedoraproject debian CWE-203
4.4
4.4
2020-07-07 CVE-2020-15095 Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files.
local
high complexity
npmjs opensuse fedoraproject
4.4
4.4
2020-07-07 CVE-2020-10730 Use After Free vulnerability in multiple products
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4.
network
low complexity
samba redhat opensuse fedoraproject debian CWE-416
6.5
6.5
2020-07-07 CVE-2020-15564 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOP_register_vcpu_info.
local
low complexity
xen debian fedoraproject CWE-119
6.5
6.5
2020-07-07 CVE-2020-15563 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash.
local
low complexity
xen debian fedoraproject opensuse CWE-119
6.5
6.5
2020-07-06 CVE-2020-10760 Use After Free vulnerability in multiple products
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration.
network
low complexity
samba canonical opensuse fedoraproject CWE-416
6.5
6.5
2020-07-02 CVE-2020-8185 Resource Exhaustion vulnerability in multiple products
A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.
network
low complexity
rubyonrails fedoraproject CWE-400
6.5
6.5