Vulnerabilities > Fedoraproject > Fedora > 31
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-11 | CVE-2019-1010319 | Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. | 5.5 |
| 2019-07-11 | CVE-2019-1010317 | Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. | 5.5 |
| 2019-07-11 | CVE-2019-1010315 | Divide By Zero vulnerability in multiple products WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. | 5.5 |
| 2019-07-10 | CVE-2019-13132 | Out-of-bounds Write vulnerability in multiple products In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. | 9.8 |
| 2019-07-04 | CVE-2019-13286 | Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. | 5.5 |
| 2019-07-04 | CVE-2019-13283 | Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. | 7.8 |
| 2019-07-04 | CVE-2019-13282 | Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. | 7.8 |
| 2019-07-04 | CVE-2019-13281 | Out-of-bounds Write vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. | 7.8 |
| 2019-07-01 | CVE-2019-13118 | Type Confusion vulnerability in multiple products In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data. | 5.3 |
| 2019-07-01 | CVE-2019-13117 | Use of Uninitialized Resource vulnerability in multiple products In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. | 5.3 |