Vulnerabilities > Fedoraproject > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-15 | CVE-2020-29481 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 8.8 |
| 2020-12-15 | CVE-2020-29479 | Missing Authorization vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 8.8 |
| 2020-12-14 | CVE-2020-8286 | Improper Certificate Validation vulnerability in multiple products curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. | 7.5 |
| 2020-12-14 | CVE-2020-8285 | Uncontrolled Recursion vulnerability in multiple products curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. | 7.5 |
| 2020-12-11 | CVE-2020-27828 | Improper Input Validation vulnerability in multiple products There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. | 7.8 |
| 2020-12-09 | CVE-2020-29661 | Improper Locking vulnerability in multiple products A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. | 7.8 |
| 2020-12-09 | CVE-2020-29651 | A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality. | 7.5 |
| 2020-12-08 | CVE-2020-27918 | Use After Free vulnerability in multiple products A use after free issue was addressed with improved memory management. | 7.8 |
| 2020-12-03 | CVE-2020-25693 | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in CImg in versions prior to 2.9.3. | 8.1 |
| 2020-12-03 | CVE-2020-25649 | XXE vulnerability in multiple products A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. | 7.5 |