Vulnerabilities > Fedoraproject

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-08	CVE-2020-27918	Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. local low complexity apple fedoraproject debian webkitgtk CWE-416	7.8
2020-12-08	CVE-2020-25664	Heap-based Buffer Overflow vulnerability in multiple products In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called. local low complexity imagemagick fedoraproject CWE-122	6.1
2020-12-08	CVE-2020-1971	NULL Pointer Dereference vulnerability in multiple products The X.509 GeneralName type is a generic type for representing different types of names. network high complexity openssl debian fedoraproject oracle netapp tenable siemens nodejs CWE-476	5.9
2020-12-08	CVE-2020-27818	Out-of-bounds Read vulnerability in multiple products A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. local low complexity libpng fedoraproject debian CWE-125	3.3
2020-12-07	CVE-2020-29600	Path Traversal vulnerability in multiple products In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format. network low complexity awstats debian fedoraproject CWE-22 critical	9.8
2020-12-04	CVE-2020-29562	Reachable Assertion vulnerability in multiple products The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. network high complexity gnu fedoraproject netapp CWE-617	4.8
2020-12-03	CVE-2020-27783	Cross-site Scripting vulnerability in multiple products A XSS vulnerability was discovered in python-lxml's clean module. network low complexity lxml redhat debian fedoraproject netapp oracle CWE-79	6.1
2020-12-03	CVE-2020-25693	Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in CImg in versions prior to 2.9.3. network low complexity cimg fedoraproject CWE-190	8.1
2020-12-03	CVE-2020-25649	XXE vulnerability in multiple products A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. network low complexity fasterxml netapp fedoraproject quarkus apache oracle CWE-611	7.5
2020-12-03	CVE-2020-13584	Use After Free vulnerability in multiple products An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. network low complexity webkitgtk fedoraproject CWE-416	8.8

Vulnerabilities > Fedoraproject {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fedoraproject"}]}

Vulnerabilities > Fedoraproject