Vulnerabilities > Fedoraproject

DATE CVE VULNERABILITY TITLE RISK
2020-04-13 CVE-2020-6434 Use After Free vulnerability in multiple products
Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian opensuse CWE-416
8.8
8.8
2020-04-13 CVE-2020-6433 Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse
4.3
4.3
2020-04-13 CVE-2020-6432 Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse
4.3
4.3
2020-04-13 CVE-2020-6431 Incorrect Default Permissions vulnerability in multiple products
Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse CWE-276
4.3
4.3
2020-04-13 CVE-2020-6430 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian opensuse CWE-843
8.8
8.8
2020-04-13 CVE-2020-6423 Use After Free vulnerability in multiple products
Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject opensuse debian CWE-416
8.8
8.8
2020-04-13 CVE-2020-1759 Reusing a Nonce, Key Pair in Encryption vulnerability in multiple products
A vulnerability was found in Red Hat Ceph Storage 4 and Red Hat Openshift Container Storage 4.2 where, A nonce reuse vulnerability was discovered in the secure mode of the messenger v2 protocol, which can allow an attacker to forge auth tags and potentially manipulate the data by leveraging the reuse of a nonce in a session.
network
high complexity
redhat linuxfoundation fedoraproject CWE-323
6.8
6.8
2020-04-07 CVE-2020-11612 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream.
network
low complexity
netty debian fedoraproject netapp oracle CWE-770
7.5
7.5
2020-04-07 CVE-2013-7488 Infinite Loop vulnerability in multiple products
perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input.
network
low complexity
convert fedoraproject CWE-835
7.5
7.5
2020-04-03 CVE-2020-11501 Use of Insufficiently Random Values vulnerability in multiple products
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS.
network
high complexity
gnu debian opensuse canonical fedoraproject CWE-330
7.4
7.4