Fedoraproject CVE

Filtered by vendor Fedoraproject Subscribe

Total 5187 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-16135	5 Canonical, Debian, Fedoraproject and 2 more	5 Ubuntu Linux, Debian Linux, Fedora and 2 more	2024-11-21	4.3 MEDIUM	5.9 MEDIUM
libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.
CVE-2020-16116	5 Canonical, Debian, Fedoraproject and 2 more	5 Ubuntu Linux, Debian Linux, Fedora and 2 more	2024-11-21	4.3 MEDIUM	3.3 LOW
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.
CVE-2020-16094	2 Claws-mail, Fedoraproject	2 Claws-mail, Fedora	2024-11-21	5.0 MEDIUM	7.5 HIGH
In imap_scan_tree_recursive in Claws Mail through 3.17.6, a malicious IMAP server can trigger stack consumption because of unlimited recursion into subdirectories during a rebuild of the folder tree.
CVE-2020-16043	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	6.8 MEDIUM	8.8 HIGH
Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access control via malicious network traffic.
CVE-2020-16009	6 Cefsharp, Debian, Fedoraproject and 3 more	8 Cefsharp, Debian Linux, Fedora and 5 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16008	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet.
CVE-2020-16006	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16005	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16004	4 Debian, Fedoraproject, Google and 1 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16003	4 Debian, Fedoraproject, Google and 1 more	4 Debian Linux, Fedora, Chrome and 1 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16002	4 Debian, Fedoraproject, Google and 1 more	4 Debian Linux, Fedora, Chrome and 1 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2020-16001	4 Debian, Fedoraproject, Google and 1 more	4 Debian Linux, Fedora, Chrome and 1 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-16000	4 Debian, Fedoraproject, Google and 1 more	4 Debian Linux, Fedora, Chrome and 1 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15999	5 Debian, Fedoraproject, Freetype and 2 more	5 Debian Linux, Fedora, Freetype and 2 more	2024-11-21	4.3 MEDIUM	6.5 MEDIUM
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15995	3 Debian, Fedoraproject, Google	4 Debian Linux, Fedora, Android and 1 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-15992	4 Debian, Fedoraproject, Google and 1 more	4 Debian Linux, Fedora, Chrome and 1 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
CVE-2020-15991	4 Debian, Fedoraproject, Google and 1 more	4 Debian Linux, Fedora, Chrome and 1 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15990	4 Debian, Fedoraproject, Google and 1 more	4 Debian Linux, Fedora, Chrome and 1 more	2024-11-21	6.8 MEDIUM	8.8 HIGH
Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2020-15989	4 Debian, Fedoraproject, Google and 1 more	4 Debian Linux, Fedora, Chrome and 1 more	2024-11-21	4.3 MEDIUM	5.5 MEDIUM
Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file.
CVE-2020-15988	5 Debian, Fedoraproject, Google and 2 more	5 Debian Linux, Fedora, Chrome and 2 more	2024-11-21	6.8 MEDIUM	6.3 MEDIUM
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page.

Vulnerabilities (CVE)