Vulnerabilities > Fedoraproject > Fedora > 28

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-21	CVE-2019-9895	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding. network low complexity putty fedoraproject CWE-119 critical	9.8
2019-03-21	CVE-2019-9894	Key Management Errors vulnerability in multiple products A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. network low complexity putty fedoraproject debian netapp opensuse CWE-320	7.5
2019-03-21	CVE-2019-7222	The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. local low complexity linux fedoraproject opensuse debian canonical netapp redhat	5.5
2019-03-21	CVE-2019-7221	Use After Free vulnerability in multiple products The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. local low complexity linux opensuse fedoraproject debian canonical netapp redhat CWE-416	7.8
2019-03-21	CVE-2019-6116	In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. local low complexity artifex fedoraproject canonical debian opensuse redhat	7.8
2019-03-21	CVE-2019-5885	Use of Insufficiently Random Values vulnerability in multiple products Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users. network low complexity matrix fedoraproject CWE-330	7.5
2019-03-21	CVE-2019-3859	Out-of-bounds Read vulnerability in multiple products An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. network low complexity libssh2 fedoraproject debian netapp opensuse CWE-125 critical	9.1
2019-03-21	CVE-2018-19872	Divide By Zero vulnerability in multiple products An issue was discovered in Qt 5.11. local low complexity qt opensuse fedoraproject CWE-369	5.5
2019-03-21	CVE-2018-18898	Resource Exhaustion vulnerability in multiple products The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. network low complexity bestpractical fedoraproject canonical debian CWE-400	7.5
2019-03-14	CVE-2019-3833	Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. network low complexity openwsman-project fedoraproject opensuse	7.5