Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2020-09-16 CVE-2020-14382 Out-of-bounds Write vulnerability in multiple products
A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container.
7.8
2020-09-16 CVE-2020-14393 Out-of-bounds Write vulnerability in multiple products
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs.
local
low complexity
perl opensuse debian fedoraproject CWE-787
7.1
2020-09-16 CVE-2020-14386 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the Linux kernel before 5.9-rc4.
local
low complexity
linux debian fedoraproject opensuse CWE-787
7.8
2020-09-11 CVE-2020-14363 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow vulnerability leading to a double-free was found in libX11.
local
low complexity
x-org fedoraproject CWE-190
7.8
2020-09-11 CVE-2020-15166 In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability.
network
low complexity
zeromq fedoraproject debian
7.5
2020-09-09 CVE-2020-25219 Uncontrolled Recursion vulnerability in multiple products
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character.
7.5
2020-09-09 CVE-2020-14342 OS Command Injection vulnerability in multiple products
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, which could be used to inject arbitrary commands.
local
high complexity
samba fedoraproject opensuse CWE-78
7.0
2020-09-04 CVE-2020-24659 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in GnuTLS before 3.6.15.
network
low complexity
gnu fedoraproject opensuse canonical CWE-476
7.5
2020-09-02 CVE-2020-15094 In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests.
network
low complexity
sensiolabs fedoraproject
8.8
2020-09-01 CVE-2020-24584 Incorrect Default Permissions vulnerability in multiple products
An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used).
7.5