Vulnerabilities > Fedoraproject > Fedora > 31

DATE CVE VULNERABILITY TITLE RISK
2019-11-21 CVE-2019-18889 Code Injection vulnerability in multiple products
An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7.
network
low complexity
sensiolabs fedoraproject CWE-94
critical
 9.8
9.8
2019-11-21 CVE-2019-18888 Argument Injection or Modification vulnerability in multiple products
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7.
network
low complexity
sensiolabs fedoraproject CWE-88
7.5
7.5
2019-11-21 CVE-2019-18887 Information Exposure Through Discrepancy vulnerability in multiple products
An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7.
network
high complexity
sensiolabs fedoraproject CWE-203
8.1
8.1
2019-11-21 CVE-2019-19204 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. 		7.5
7.5
2019-11-21 CVE-2019-19203 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Oniguruma 6.x before 6.9.4_rc2.
network
low complexity
oniguruma-project fedoraproject CWE-125
7.5
7.5
2019-11-19 CVE-2019-19126 Improper Initialization vulnerability in multiple products
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
local
low complexity
gnu canonical fedoraproject debian CWE-665
3.3
3.3
2019-11-19 CVE-2019-18934 OS Command Injection vulnerability in multiple products
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer.
network
low complexity
nlnetlabs fedoraproject opensuse CWE-78
7.3
7.3
2019-11-18 CVE-2019-19073 Memory Leak vulnerability in multiple products
Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures.
local
low complexity
linux fedoraproject opensuse CWE-401
4.0
4.0
2019-11-18 CVE-2019-19072 Memory Leak vulnerability in multiple products
A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6.
local
low complexity
canonical fedoraproject redhat linux CWE-401
4.4
4.4
2019-11-18 CVE-2019-19070 Memory Leak vulnerability in multiple products
A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset() failures, aka CID-d3b0ffa1d75d.
network
low complexity
linux fedoraproject CWE-401
7.5
7.5