Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2021-01-06 CVE-2020-8265 Use After Free vulnerability in multiple products
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation.
network
high complexity
nodejs debian fedoraproject oracle siemens CWE-416
8.1
8.1
2021-01-05 CVE-2020-27845 Out-of-bounds Read vulnerability in multiple products
There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. 		5.5
5.5
2021-01-05 CVE-2020-27843 Out-of-bounds Read vulnerability in multiple products
A flaw was found in OpenJPEG in versions prior to 2.4.0. 		5.5
5.5
2021-01-05 CVE-2020-27842 Out-of-bounds Read vulnerability in multiple products
There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. 		5.5
5.5
2021-01-05 CVE-2020-27841 Heap-based Buffer Overflow vulnerability in multiple products
There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib/openjp2/pi.c. 		5.5
5.5
2021-01-05 CVE-2020-36158 Classic Buffer Overflow vulnerability in multiple products
mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.
local
low complexity
linux fedoraproject debian netapp CWE-120
6.7
6.7
2021-01-04 CVE-2019-25013 Out-of-bounds Read vulnerability in multiple products
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
network
high complexity
gnu fedoraproject netapp broadcom debian CWE-125
5.9
5.9
2021-01-04 CVE-2020-25275 Improper Input Validation vulnerability in multiple products
Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and imap, leading to an application crash via a crafted email message with certain choices for ten thousand MIME parts.
network
low complexity
dovecot debian fedoraproject CWE-20
7.5
7.5
2021-01-04 CVE-2020-24386 An issue was discovered in Dovecot before 2.3.13.
network
high complexity
dovecot debian fedoraproject
6.8
6.8
2021-01-04 CVE-2020-35496 NULL Pointer Dereference vulnerability in multiple products
There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference.
local
low complexity
gnu fedoraproject netapp broadcom CWE-476
5.5
5.5