Vulnerabilities > Fedoraproject > Fedora > 30

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-26	CVE-2019-18677	Cross-Site Request Forgery (CSRF) vulnerability in multiple products An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions). network low complexity squid-cache canonical fedoraproject CWE-352	6.1
2019-11-26	CVE-2019-18676	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid 3.x and 4.x through 4.8. network low complexity squid-cache canonical fedoraproject debian CWE-787	7.5
2019-11-26	CVE-2019-12526	Out-of-bounds Write vulnerability in multiple products An issue was discovered in Squid before 4.9. network low complexity squid-cache canonical fedoraproject opensuse debian CWE-787 critical	9.8
2019-11-26	CVE-2019-12523	An issue was discovered in Squid before 4.9. network low complexity squid-cache canonical fedoraproject opensuse debian critical	9.1
2019-11-26	CVE-2019-6477	Resource Exhaustion vulnerability in multiple products With pipelining enabled each incoming query on a TCP connection requires a similar resource allocation to a query received via UDP or via TCP without pipelining enabled. network low complexity isc fedoraproject CWE-400	7.5
2019-11-26	CVE-2019-19270	Improper Certificate Validation vulnerability in multiple products An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. network low complexity proftpd fedoraproject CWE-295	7.5
2019-11-25	CVE-2019-13723	Use After Free vulnerability in multiple products Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. network low complexity google fedoraproject opensuse redhat CWE-416	8.8
2019-11-23	CVE-2019-11287	Use of Externally-Controlled Format String vulnerability in multiple products Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. network low complexity pivotal-software vmware fedoraproject redhat debian CWE-134	7.5
2019-11-22	CVE-2019-18622	SQL Injection vulnerability in multiple products An issue was discovered in phpMyAdmin before 4.9.2. network low complexity phpmyadmin opensuse fedoraproject CWE-89 critical	9.8
2019-11-21	CVE-2019-18888	Argument Injection or Modification vulnerability in multiple products An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. network low complexity sensiolabs fedoraproject CWE-88	7.5