Vulnerabilities > Fedoraproject > Fedora > 29

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-21	CVE-2019-3859	Out-of-bounds Read vulnerability in multiple products An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. network low complexity libssh2 fedoraproject debian netapp opensuse CWE-125 critical	9.1
2019-03-21	CVE-2018-19872	Divide By Zero vulnerability in multiple products An issue was discovered in Qt 5.11. local low complexity qt opensuse fedoraproject CWE-369	5.5
2019-03-21	CVE-2018-18898	Resource Exhaustion vulnerability in multiple products The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. network low complexity bestpractical fedoraproject canonical debian CWE-400	7.5
2019-03-21	CVE-2018-18849	Out-of-bounds Read vulnerability in multiple products In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value. local low complexity qemu opensuse fedoraproject canonical CWE-125	5.5
2019-03-21	CVE-2018-12023	Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. network high complexity fasterxml debian fedoraproject oracle redhat CWE-502	7.5
2019-03-21	CVE-2018-12022	Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. network high complexity fasterxml debian fedoraproject oracle redhat CWE-502	7.5
2019-03-14	CVE-2019-3833	Infinite Loop vulnerability in multiple products Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. network low complexity openwsman-project fedoraproject opensuse CWE-835	7.5
2019-03-14	CVE-2019-3816	Path Traversal vulnerability in multiple products Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. network low complexity openwsman-project redhat fedoraproject opensuse CWE-22	7.5
2019-03-13	CVE-2019-9741	CRLF Injection vulnerability in multiple products An issue was discovered in net/http in Go 1.11.5. network low complexity golang debian fedoraproject redhat CWE-93	6.1
2019-03-12	CVE-2019-9705	Allocation of Resources Without Limits or Throttling vulnerability in multiple products Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted. local low complexity cron-project debian fedoraproject CWE-770	5.5