Vulnerabilities > Fedoraproject > Fedora > 29
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-31 | CVE-2019-18421 | Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. | 7.5 |
| 2019-10-31 | CVE-2019-18420 | Use of Externally-Controlled Format String vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to cause a denial of service via a VCPUOP_initialise hypercall. | 6.5 |
| 2019-10-21 | CVE-2019-18218 | Out-of-bounds Write vulnerability in multiple products cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). | 7.8 |
| 2019-10-17 | CVE-2019-14287 | Improper Handling of Exceptional Conditions vulnerability in multiple products In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. | 8.8 |
| 2019-10-16 | CVE-2019-3018 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). | 4.4 |
| 2019-10-16 | CVE-2019-3011 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: C API). | 6.5 |
| 2019-10-16 | CVE-2019-3009 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection). | 4.4 |
| 2019-10-16 | CVE-2019-3004 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). | 6.5 |
| 2019-10-16 | CVE-2019-2998 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
| 2019-10-16 | CVE-2019-2997 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). | 4.9 |