Vulnerabilities > Fedoraproject > Fedora > 29

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-09	CVE-2019-10894	Reachable Assertion vulnerability in multiple products In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. network low complexity wireshark fedoraproject debian canonical opensuse CWE-617	7.5
2019-04-08	CVE-2019-11026	Uncontrolled Recursion vulnerability in multiple products FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc. network low complexity freedesktop fedoraproject CWE-674	6.5
2019-04-08	CVE-2019-0211	Use After Free vulnerability in multiple products In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. local low complexity apache fedoraproject canonical debian opensuse CWE-416	7.8
2019-04-08	CVE-2019-0217	Race Condition vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions. network high complexity apache debian fedoraproject canonical redhat opensuse netapp oracle CWE-362	7.5
2019-04-08	CVE-2019-0215	In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions. network high complexity apache fedoraproject	7.5
2019-04-07	CVE-2019-10740	Cleartext Transmission of Sensitive Information vulnerability in multiple products In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. network low complexity roundcube fedoraproject opensuse CWE-319	4.3
2019-04-07	CVE-2019-10906	In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape. network low complexity palletsprojects fedoraproject canonical redhat opensuse	8.6
2019-04-04	CVE-2019-3886	Missing Authorization vulnerability in multiple products An incorrect permissions check was discovered in libvirt 4.8.0 and above. low complexity redhat opensuse fedoraproject CWE-862	5.4
2019-03-27	CVE-2019-3877	Open Redirect vulnerability in multiple products A vulnerability was found in mod_auth_mellon before v0.14.2. network low complexity mod-auth-mellon-project fedoraproject redhat canonical CWE-601	6.1
2019-03-27	CVE-2019-9917	Improper Input Validation vulnerability in multiple products ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding. network low complexity znc canonical fedoraproject CWE-20	6.5