Vulnerabilities > Fedoraproject > Fedora > 29
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-03 | CVE-2018-14466 | Out-of-bounds Read vulnerability in multiple products The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). | 7.5 |
| 2019-10-03 | CVE-2018-14465 | Out-of-bounds Read vulnerability in multiple products The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). | 7.5 |
| 2019-10-03 | CVE-2018-14464 | Out-of-bounds Read vulnerability in multiple products The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). | 7.5 |
| 2019-10-03 | CVE-2018-14463 | Out-of-bounds Read vulnerability in multiple products The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability than CVE-2019-15167. | 7.5 |
| 2019-10-03 | CVE-2018-14462 | Out-of-bounds Read vulnerability in multiple products The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). | 7.5 |
| 2019-10-03 | CVE-2018-14461 | Out-of-bounds Read vulnerability in multiple products The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). | 7.5 |
| 2019-10-01 | CVE-2019-17055 | Missing Authorization vulnerability in multiple products base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | 3.3 |
| 2019-10-01 | CVE-2019-17052 | Incorrect Default Permissions vulnerability in multiple products ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. | 3.3 |
| 2019-09-30 | CVE-2019-16276 | HTTP Request Smuggling vulnerability in multiple products Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. | 7.5 |
| 2019-09-27 | CVE-2019-16928 | Out-of-bounds Write vulnerability in multiple products Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. | 9.8 |