Vulnerabilities > Fedoraproject > Fedora > 29
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-21 | CVE-2019-3859 | Out-of-bounds Read vulnerability in multiple products An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. | 9.1 |
2019-03-21 | CVE-2018-19872 | Divide By Zero vulnerability in multiple products An issue was discovered in Qt 5.11. | 5.5 |
2019-03-21 | CVE-2018-18898 | Resource Exhaustion vulnerability in multiple products The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. | 7.5 |
2019-03-21 | CVE-2018-18849 | Out-of-bounds Read vulnerability in multiple products In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value. | 5.5 |
2019-03-21 | CVE-2018-12023 | Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. | 7.5 |
2019-03-21 | CVE-2018-12022 | Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. | 7.5 |
2019-03-14 | CVE-2019-3833 | Infinite Loop vulnerability in multiple products Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. | 7.5 |
2019-03-14 | CVE-2019-3816 | Path Traversal vulnerability in multiple products Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. | 7.5 |
2019-03-13 | CVE-2019-9741 | CRLF Injection vulnerability in multiple products An issue was discovered in net/http in Go 1.11.5. | 6.1 |
2019-03-12 | CVE-2019-9705 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted. | 5.5 |