VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Fedoraproject
>
Fedora
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2020-05-14
CVE-2020-1945
Exposure of Resource to Wrong Sphere vulnerability in multiple products
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information.
local
high complexity
apache
canonical
fedoraproject
opensuse
oracle
CWE-668
6.3
6.3
2020-05-11
CVE-2020-11864
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2).
local
low complexity
libemf-project
opensuse
fedoraproject
5.5
5.5
2020-05-11
CVE-2020-11863
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2).
local
low complexity
libemf-project
opensuse
fedoraproject
5.5
5.5
2020-05-09
CVE-2020-12770
An issue was discovered in the Linux kernel through 5.6.11.
local
low complexity
linux
fedoraproject
canonical
debian
netapp
6.7
6.7
2020-05-06
CVE-2020-12108
Injection vulnerability in multiple products
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.
network
low complexity
gnu
debian
fedoraproject
opensuse
canonical
CWE-74
6.5
6.5
2020-05-05
CVE-2020-12666
Open Redirect vulnerability in multiple products
macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL.
network
low complexity
go-macaron
fedoraproject
CWE-601
6.1
6.1
2020-05-04
CVE-2020-10700
Use After Free vulnerability in multiple products
A use-after-free flaw was found in the way samba AD DC LDAP servers, handled 'Paged Results' control is combined with the 'ASQ' control.
network
high complexity
samba
fedoraproject
opensuse
CWE-416
5.3
5.3
2020-05-04
CVE-2020-10933
Use of Uninitialized Resource vulnerability in multiple products
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0.
network
low complexity
ruby-lang
fedoraproject
debian
CWE-908
5.3
5.3
2020-04-29
CVE-2020-11022
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e.
network
low complexity
jquery
drupal
debian
fedoraproject
oracle
netapp
opensuse
tenable
6.1
6.1
2020-04-29
CVE-2020-11023
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e.
network
low complexity
jquery
debian
fedoraproject
drupal
oracle
netapp
tenable
6.1
6.1
«
Previous
1
2
...
129
130
131
(current)
132
133
...
185
186
»
Next