Vulnerabilities > Fedoraproject > Fedora > 31
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-18 | CVE-2019-15144 | Uncontrolled Recursion vulnerability in multiple products In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h. | 5.5 |
2019-08-18 | CVE-2019-15143 | Infinite Loop vulnerability in multiple products In DjVuLibre 3.5.27, the bitmap reader component allows attackers to cause a denial-of-service error (resource exhaustion caused by a GBitmap::read_rle_raw infinite loop) by crafting a corrupted image file, related to libdjvu/DjVmDir.cpp and libdjvu/GBitmap.cpp. | 5.5 |
2019-08-18 | CVE-2019-15142 | Out-of-bounds Read vulnerability in multiple products In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service (application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read) by crafting a DJVU file. | 5.5 |
2019-08-14 | CVE-2019-14973 | Integer Overflow or Wraparound vulnerability in multiple products _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. | 6.5 |
2019-08-11 | CVE-2019-14934 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in PDFResurrect before 0.18. | 7.8 |
2019-08-07 | CVE-2019-14745 | Command Injection vulnerability in multiple products In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. | 7.8 |
2019-08-05 | CVE-2019-14664 | Cleartext Transmission of Sensitive Information vulnerability in multiple products In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. | 6.5 |
2019-08-02 | CVE-2019-14532 | Off-by-one Error vulnerability in multiple products An issue was discovered in The Sleuth Kit (TSK) 4.6.6. | 9.8 |
2019-08-01 | CVE-2019-14494 | Divide By Zero vulnerability in multiple products An issue was discovered in Poppler through 0.78.0. | 7.5 |
2019-07-31 | CVE-2019-14464 | Out-of-bounds Write vulnerability in multiple products XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow. | 5.5 |