Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 31 vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2020-5238
The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long time to process, causing a denial of service. This issue does not affect the ups...
Github Flavored Markdown Project Github Flavored Markdown
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
614
VMScore
CVE-2020-10174
init_tmp in TeeJee.FileSystem.vala in Timeshift prior to 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scrip...
Timeshift Project Timeshift
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 19.10
605
VMScore
CVE-2019-14934
An issue exists in PDFResurrect prior to 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write.
Pdfresurrect Project Pdfresurrect
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
187
VMScore
CVE-2020-16150
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS up to and including 2.23.0 allows an malicious user to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length...
Arm Mbed Tls
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 10.0
543
VMScore
CVE-2020-25597
An issue exists in Xen up to and including 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not become invalid over the life...
Xen Xen
Fedoraproject Fedora 31
605
VMScore
CVE-2019-14812
A flaw was found in all ghostscript versions 9.x prior to 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and the...
Artifex Ghostscript
Fedoraproject Fedora 31
1 Github repository
409
VMScore
CVE-2020-2026
A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This ...
Katacontainers Runtime
Fedoraproject Fedora 31
356
VMScore
CVE-2020-10754
It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made i...
Gnome Networkmanager
Fedoraproject Fedora 31
357
VMScore
CVE-2019-19118
Django 2.1 prior to 2.1.15 and 2.2 prior to 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, al...
Djangoproject Django
Fedoraproject Fedora 31
3 Github repositories
641
VMScore
CVE-2019-19577
An issue exists in Xen up to and including 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height updates. When running on AMD systems with an IOMMU, Xen attempted to dynamica...
Xen Xen
Fedoraproject Fedora 31
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »