Vulnerabilities > Fedoraproject > Fedora > 31
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-29 | CVE-2019-14267 | Out-of-bounds Write vulnerability in multiple products PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled. | 7.8 |
2019-07-29 | CVE-2019-14379 | SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. | 9.8 |
2019-07-17 | CVE-2019-13626 | Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buffer over-read in Fill_IMA_ADPCM_block, caused by an integer overflow in IMA_ADPCM_decode() in audio/SDL_wave.c. | 6.5 |
2019-07-16 | CVE-2019-13616 | Out-of-bounds Read vulnerability in multiple products SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. | 8.1 |
2019-07-11 | CVE-2019-1010319 | Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. | 5.5 |
2019-07-11 | CVE-2019-1010317 | Use of Uninitialized Resource vulnerability in multiple products WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. | 5.5 |
2019-07-11 | CVE-2019-1010315 | Divide By Zero vulnerability in multiple products WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. | 5.5 |
2019-07-10 | CVE-2019-13132 | Out-of-bounds Write vulnerability in multiple products In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. | 9.8 |
2019-07-04 | CVE-2019-13286 | Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. | 5.5 |
2019-07-04 | CVE-2019-13283 | Out-of-bounds Read vulnerability in multiple products In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. | 7.8 |