Vulnerabilities > Fedoraproject > Fedora > 30

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-21	CVE-2019-6778	Out-of-bounds Write vulnerability in multiple products In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow. local low complexity qemu opensuse fedoraproject canonical CWE-787	7.8
2019-03-21	CVE-2019-6501	Out-of-bounds Write vulnerability in multiple products In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations. local low complexity qemu fedoraproject CWE-787	5.5
2019-03-21	CVE-2019-6116	In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution. local low complexity artifex fedoraproject canonical debian opensuse redhat	7.8
2019-03-21	CVE-2018-19872	Divide By Zero vulnerability in multiple products An issue was discovered in Qt 5.11. local low complexity qt opensuse fedoraproject CWE-369	5.5
2019-03-14	CVE-2019-3833	Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. network low complexity openwsman-project fedoraproject opensuse	7.5
2019-03-14	CVE-2019-3816	Openwsman, versions up to and including 2.6.9, are vulnerable to arbitrary file disclosure because the working directory of openwsmand daemon was set to root directory. network low complexity openwsman-project redhat fedoraproject opensuse	7.5
2019-03-08	CVE-2019-9636	Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding (with an incorrect netloc) during NFKC normalization. network low complexity python fedoraproject opensuse debian canonical redhat oracle critical	9.8
2019-03-08	CVE-2019-9631	Out-of-bounds Read vulnerability in multiple products Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function. network low complexity freedesktop fedoraproject debian CWE-125 critical	9.8
2019-02-27	CVE-2019-1559	Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. network high complexity openssl canonical debian netapp f5 tenable opensuse fedoraproject mcafee redhat oracle paloaltonetworks nodejs CWE-203	5.9
2019-02-27	CVE-2019-9210	Integer Overflow or Wraparound vulnerability in multiple products In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. local low complexity advancemame debian canonical fedoraproject CWE-190	7.8