Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-05-21 | CVE-2020-6489 | Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 4.3 | ||
| 2020-05-21 | CVE-2020-6490 | Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had been able to write to disk to leak cross-origin data via a crafted HTML page. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 4.3 | ||
| 2020-05-21 | CVE-2020-6491 | Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted domain name. | Debian_linux, Fedora, Chrome, Backports_sle, Leap | 6.5 | ||
| 2020-05-21 | CVE-2020-12693 | Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user. | Debian_linux, Fedora, Leap, Slurm | 8.1 | ||
| 2020-05-24 | CVE-2020-13434 | SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. | Icloud, Ipados, Iphone_os, Itunes, Macos, Tvos, Watchos, Ubuntu_linux, Debian_linux, Fedora, Freebsd, Communications_cloud_native_core_policy, Communications_network_charging_and_control, Outside_in_technology, Sqlite | 5.5 | ||
| 2020-05-24 | CVE-2020-13435 | SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. | Fedora, Sqlite | 5.5 | ||
| 2020-05-25 | CVE-2020-13482 | EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified. | Em\-Http\-Request, Fedora | 7.4 | ||
| 2020-05-26 | CVE-2020-13614 | An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification. | Axel, Fedora, Backports_sle, Leap | 5.9 | ||
| 2020-05-27 | CVE-2020-13630 | ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. | Icloud, Ipados, Iphone_os, Itunes, Macos, Tvos, Watchos, Fabric_operating_system, Ubuntu_linux, Debian_linux, Fedora, Cloud_backup, Hci_compute_node_firmware, Solidfire\,_enterprise_sds_\&_hci_storage_node, Communications_network_charging_and_control, Outside_in_technology, Zfs_storage_appliance_kit, Sinec_infrastructure_network_services, Sqlite | 7.0 | ||
| 2020-05-27 | CVE-2020-13631 | SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. | Icloud, Ipados, Iphone_os, Itunes, Macos, Tvos, Watchos, Fabric_operating_system, Ubuntu_linux, Fedora, Cloud_backup, Hci_compute_node_firmware, Solidfire\,_enterprise_sds_\&_hci_storage_node, Communications_network_charging_and_control, Outside_in_technology, Zfs_storage_appliance_kit, Sinec_infrastructure_network_services, Sqlite | 5.5 |