Vulnerabilities > Fedoraproject > Fedora > 28

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-21	CVE-2019-9894	Key Management Errors vulnerability in multiple products A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. network low complexity putty fedoraproject debian netapp opensuse CWE-320	7.5
2019-03-21	CVE-2019-7222	The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. local low complexity linux fedoraproject opensuse debian canonical netapp redhat	5.5
2019-03-21	CVE-2019-7221	Use After Free vulnerability in multiple products The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. local low complexity linux opensuse fedoraproject debian canonical netapp redhat CWE-416	7.8
2019-03-21	CVE-2019-6116	In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. local low complexity artifex fedoraproject canonical debian opensuse redhat	7.8
2019-03-21	CVE-2019-5885	Use of Insufficiently Random Values vulnerability in multiple products Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users. network low complexity matrix fedoraproject CWE-330	7.5
2019-03-21	CVE-2019-3859	Out-of-bounds Read vulnerability in multiple products An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. network low complexity libssh2 fedoraproject debian netapp opensuse CWE-125 critical	9.1
2019-03-21	CVE-2018-19872	Divide By Zero vulnerability in multiple products An issue was discovered in Qt 5.11. local low complexity qt opensuse fedoraproject CWE-369	5.5
2019-03-21	CVE-2018-18898	Resource Exhaustion vulnerability in multiple products The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. network low complexity bestpractical fedoraproject canonical debian CWE-400	7.5
2019-03-14	CVE-2019-3833	Infinite Loop vulnerability in multiple products Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. network low complexity openwsman-project fedoraproject opensuse CWE-835	7.5
2019-03-14	CVE-2019-3816	Path Traversal vulnerability in multiple products Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. network low complexity openwsman-project redhat fedoraproject opensuse CWE-22	7.5