Vulnerabilities > Fedoraproject > Fedora > 30
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-15 | CVE-2019-1010305 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libmspack 0.9.1alpha is affected by: Buffer Overflow. | 5.5 |
2019-07-11 | CVE-2019-1010319 | Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. | 5.5 |
2019-07-11 | CVE-2019-1010317 | Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. | 5.5 |
2019-07-11 | CVE-2019-1010315 | Divide By Zero vulnerability in multiple products WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. | 5.5 |
2019-07-11 | CVE-2019-12838 | SQL Injection vulnerability in multiple products SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection. | 9.8 |
2019-07-10 | CVE-2019-13132 | Out-of-bounds Write vulnerability in multiple products In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. | 9.8 |
2019-07-10 | CVE-2019-13225 | NULL Pointer Dereference vulnerability in multiple products A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9.2 allows attackers to potentially cause denial of service by providing a crafted regular expression. | 6.5 |
2019-07-10 | CVE-2019-13224 | Use After Free vulnerability in multiple products A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. | 9.8 |
2019-07-05 | CVE-2019-13313 | Information Exposure vulnerability in multiple products libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line. | 7.8 |
2019-07-04 | CVE-2019-13286 | Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. | 5.5 |