Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-07-15 CVE-2020-14547 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp fedoraproject canonical
4.9
4.9
2020-07-15 CVE-2020-14540 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML).
network
low complexity
oracle netapp fedoraproject canonical
4.9
4.9
2020-07-15 CVE-2020-14539 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
network
low complexity
oracle netapp fedoraproject canonical
6.5
6.5
2020-07-09 CVE-2020-12402 Information Exposure Through Discrepancy vulnerability in multiple products
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow.
local
high complexity
mozilla opensuse fedoraproject debian CWE-203
4.4
4.4
2020-07-07 CVE-2020-15095 Information Exposure Through Log Files vulnerability in multiple products
Versions of the npm CLI prior to 6.14.6 are vulnerable to an information exposure vulnerability through log files.
local
high complexity
npmjs opensuse fedoraproject CWE-532
4.4
4.4
2020-07-07 CVE-2020-10730 Use After Free vulnerability in multiple products
A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4.
network
low complexity
samba redhat opensuse fedoraproject debian CWE-416
6.5
6.5
2020-07-07 CVE-2020-15564 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOP_register_vcpu_info.
local
low complexity
xen debian fedoraproject CWE-119
6.5
6.5
2020-07-07 CVE-2020-15563 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash.
local
low complexity
xen debian fedoraproject opensuse CWE-119
6.5
6.5
2020-07-06 CVE-2020-10760 Use After Free vulnerability in multiple products
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration.
network
low complexity
samba canonical opensuse fedoraproject CWE-416
6.5
6.5
2020-07-02 CVE-2020-8185 Resource Exhaustion vulnerability in multiple products
A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.
network
low complexity
rubyonrails fedoraproject CWE-400
6.5
6.5