Vulnerabilities > Fedoraproject

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-09	CVE-2020-13977	Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. network low complexity nagios fedoraproject CWE-829	4.9
2020-06-09	CVE-2020-10757	Type Confusion vulnerability in multiple products A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. local low complexity linux opensuse redhat fedoraproject debian canonical netapp CWE-843	7.8
2020-06-09	CVE-2020-13965	Cross-site Scripting vulnerability in multiple products An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. network low complexity roundcube debian fedoraproject CWE-79	6.1
2020-06-09	CVE-2020-13964	Cross-site Scripting vulnerability in multiple products An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. network low complexity roundcube fedoraproject debian CWE-79	6.1
2020-06-09	CVE-2020-13962	Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. network low complexity mumble qt fedoraproject opensuse	7.5
2020-06-08	CVE-2020-10754	Missing Authentication for Critical Function vulnerability in multiple products It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. network low complexity gnome fedoraproject CWE-306	4.3
2020-06-08	CVE-2020-13696	Incorrect Authorization vulnerability in multiple products An issue was discovered in LinuxTV xawtv before 3.107. local low complexity linuxtv debian opensuse fedoraproject canonical CWE-863	4.4
2020-06-08	CVE-2020-13625	Improper Encoding or Escaping of Output vulnerability in multiple products PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. network low complexity phpmailer-project fedoraproject canonical debian CWE-116	7.5
2020-06-08	CVE-2020-12695	Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. network high complexity ui w1-fi asus broadcom canon cisco dlink dell epson hp huawei nec netgear ruckussecurity tp-link zte zyxel microsoft fedoraproject debian canonical CWE-276	7.5
2020-06-08	CVE-2020-12803	Improper Input Validation vulnerability in multiple products ODF documents can contain forms to be filled out by the user. network low complexity libreoffice opensuse fedoraproject CWE-20	6.5

Vulnerabilities > Fedoraproject {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fedoraproject"}]}

Vulnerabilities > Fedoraproject