Vulnerabilities > Fedoraproject > Fedora > 30

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-23	CVE-2019-16707	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. network low complexity hunspell-project fedoraproject CWE-119	6.5
2019-09-20	CVE-2019-14816	Heap-based Buffer Overflow vulnerability in multiple products There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. local low complexity linux redhat debian fedoraproject netapp canonical opensuse CWE-122	7.8
2019-09-19	CVE-2019-14821	Out-of-bounds Write vulnerability in multiple products An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. local low complexity linux redhat canonical opensuse fedoraproject debian netapp oracle CWE-787	8.8
2019-09-19	CVE-2019-11779	Uncontrolled Recursion vulnerability in multiple products In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. network low complexity eclipse canonical opensuse fedoraproject debian CWE-674	6.5
2019-09-17	CVE-2019-14835	Classic Buffer Overflow vulnerability in multiple products A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. local low complexity linux canonical debian fedoraproject opensuse netapp redhat huawei CWE-120	7.8
2019-09-17	CVE-2019-16378	Authentication Bypass by Spoofing vulnerability in multiple products OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message. network low complexity trusteddomain debian fedoraproject canonical CWE-290 critical	9.8
2019-09-17	CVE-2019-16239	Classic Buffer Overflow vulnerability in multiple products process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. network low complexity infradead fedoraproject debian canonical opensuse CWE-120 critical	9.8
2019-09-16	CVE-2019-5482	Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. network low complexity haxx fedoraproject opensuse netapp oracle debian CWE-787 critical	9.8
2019-09-16	CVE-2019-5481	Double Free vulnerability in multiple products Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. network low complexity haxx fedoraproject netapp oracle debian opensuse CWE-415 critical	9.8
2019-09-15	CVE-2019-16335	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. network low complexity fasterxml fedoraproject debian netapp redhat oracle CWE-502 critical	9.8