VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Fedoraproject
> High
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2020-06-25
CVE-2020-10379
Classic Buffer Overflow vulnerability in multiple products
In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.
local
low complexity
python
fedoraproject
canonical
CWE-120
7.8
7.8
2020-06-22
CVE-2020-4031
In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject.
network
low complexity
freerdp
fedoraproject
opensuse
canonical
debian
7.5
7.5
2020-06-19
CVE-2020-14929
Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do.
network
low complexity
alpine-project
fedoraproject
debian
7.5
7.5
2020-06-18
CVE-2017-9108
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu
opensuse
fedoraproject
CWE-119
7.5
7.5
2020-06-18
CVE-2017-9107
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu
fedoraproject
CWE-119
7.5
7.5
2020-06-18
CVE-2017-9106
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu
fedoraproject
CWE-119
7.5
7.5
2020-06-18
CVE-2017-9105
NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in adns before 1.5.2.
network
low complexity
gnu
fedoraproject
CWE-476
8.8
8.8
2020-06-17
CVE-2020-14040
Infinite Loop vulnerability in multiple products
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory.
network
low complexity
golang
fedoraproject
CWE-835
7.5
7.5
2020-06-17
CVE-2020-14295
SQL Injection vulnerability in multiple products
A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter parameter.
network
low complexity
cacti
fedoraproject
CWE-89
7.2
7.2
2020-06-15
CVE-2020-14148
Out-of-bounds Read vulnerability in multiple products
The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.
network
low complexity
barton
debian
fedoraproject
CWE-125
7.5
7.5
«
Previous
1
2
...
152
153
154
(current)
155
156
...
221
222
»
Next