Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 31 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-25603
An issue exists in Xen up to and including 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the port is considered to be valid. Such a sequence is missing an appropriate mem...
Xen Xen
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.2
Debian Debian Linux 10.0
4.7
CVSSv3
CVE-2020-25604
An issue exists in Xen up to and including 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also operating on the timers) to...
Xen Xen
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
Opensuse Leap 15.2
5.5
CVSSv3
CVE-2020-25598
An issue exists in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource error path. The RCU (Read, Copy, Update) mechanism is a synchronisation primitive. A buggy error path in the XENMEM_acquire_resource exits without releasing an RCU reference, which is conceptu...
Xen Xen
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.2
7.8
CVSSv3
CVE-2020-25595
An issue exists in Xen up to and including 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI...
Xen Xen
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
Opensuse Leap 15.2
5.3
CVSSv3
CVE-2020-14370
An information disclosure vulnerability was found in containers/podman in versions prior to 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container w...
Podman Project Podman
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.6
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
8.3
CVSSv3
CVE-2020-6575
Race in Mojo in Google Chrome before 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 33
4.3
CVSSv3
CVE-2020-15959
Insufficient policy enforcement in networking in Google Chrome before 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
Google Chrome
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 31
Fedoraproject Fedora 33
Debian Debian Linux 10.0
9.6
CVSSv3
CVE-2020-6573
Use after free in video in Google Chrome on Android before 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 33
7.8
CVSSv3
CVE-2020-6574
Insufficient policy enforcement in installer in Google Chrome on OS X before 85.0.4183.102 allowed a local malicious user to potentially achieve privilege escalation via a crafted binary.
Google Chrome
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Debian Debian Linux 10.0
Fedoraproject Fedora 31
Fedoraproject Fedora 33
8.8
CVSSv3
CVE-2020-6576
Use after free in offscreen canvas in Google Chrome before 85.0.4183.102 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
Fedoraproject Fedora 33
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »