Vulnerabilities > Fedoraproject
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-27 | CVE-2020-10936 | Improper Privilege Management vulnerability in multiple products Sympa before 6.2.56 allows privilege escalation. | 7.8 |
2020-05-27 | CVE-2020-13632 | NULL Pointer Dereference vulnerability in multiple products ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. | 5.5 |
2020-05-27 | CVE-2020-13631 | SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. | 5.5 |
2020-05-27 | CVE-2020-13630 | Use After Free vulnerability in multiple products ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. | 7.0 |
2020-05-26 | CVE-2020-13614 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in ssl.c in Axel before 2.17.8. | 5.9 |
2020-05-25 | CVE-2020-13482 | Improper Certificate Validation vulnerability in multiple products EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. | 7.4 |
2020-05-24 | CVE-2020-13435 | NULL Pointer Dereference vulnerability in multiple products SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. | 5.5 |
2020-05-24 | CVE-2020-13434 | Integer Overflow or Wraparound vulnerability in multiple products SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. | 5.5 |
2020-05-22 | CVE-2020-11077 | HTTP Request Smuggling vulnerability in multiple products In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. | 7.5 |
2020-05-22 | CVE-2020-11076 | HTTP Request Smuggling vulnerability in multiple products In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. | 7.5 |