Vulnerabilities > Fedoraproject > Fedora > 31

DATE	CVE	VULNERABILITY TITLE	RISK
2019-09-27	CVE-2019-16928	Out-of-bounds Write vulnerability in multiple products Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. network low complexity exim canonical debian fedoraproject CWE-787 critical	9.8
2019-09-27	CVE-2019-9433	Improper Input Validation vulnerability in multiple products In libvpx, there is a possible information disclosure due to improper input validation. network low complexity google opensuse fedoraproject debian canonical CWE-20	6.5
2019-09-27	CVE-2019-9371	Improper Input Validation vulnerability in multiple products In libvpx, there is a possible resource exhaustion due to improper input validation. network low complexity google opensuse fedoraproject debian canonical CWE-20	6.5
2019-09-27	CVE-2019-9325	Out-of-bounds Read vulnerability in multiple products In libvpx, there is a possible out of bounds read due to a missing bounds check. network low complexity google canonical fedoraproject opensuse debian CWE-125	6.5
2019-09-27	CVE-2019-9278	Integer Overflow or Wraparound vulnerability in multiple products In libexif, there is a possible out of bounds write due to an integer overflow. network low complexity google opensuse fedoraproject debian canonical CWE-190	8.8
2019-09-27	CVE-2019-9232	Out-of-bounds Read vulnerability in multiple products In libvpx, there is a possible out of bounds read due to a missing bounds check. network low complexity google canonical opensuse fedoraproject debian CWE-125	7.5
2019-09-26	CVE-2019-16910	Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. network high complexity arm fedoraproject debian	5.3
2019-09-26	CVE-2019-14844	Function Call with Incorrectly Specified Arguments vulnerability in multiple products A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". network low complexity mit fedoraproject CWE-628	7.5
2019-09-26	CVE-2019-16738	Missing Authorization vulnerability in multiple products In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup. network low complexity mediawiki fedoraproject debian CWE-862	5.3
2019-09-25	CVE-2019-16892	In Rubyzip before 1.3.0, a crafted ZIP file can bypass application checks on ZIP entry sizes because data about the uncompressed size can be spoofed. local low complexity rubyzip-project fedoraproject redhat	5.5