Vulnerabilities > Fedoraproject > Fedora > 31

DATE CVE VULNERABILITY TITLE RISK
2018-12-04 CVE-2018-19841 Out-of-bounds Read vulnerability in multiple products
The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvunpack. 		5.5
5.5
2018-08-22 CVE-2018-10846 A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found.
local
high complexity
gnu redhat canonical fedoraproject debian
5.6
5.6
2018-08-22 CVE-2018-10845 It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack.
network
high complexity
gnu redhat canonical fedoraproject debian
5.9
5.9
2018-08-22 CVE-2018-10844 It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack.
network
high complexity
gnu redhat canonical fedoraproject debian
5.9
5.9
2018-05-07 CVE-2018-10771 Out-of-bounds Write vulnerability in multiple products
Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
network
low complexity
moinejf debian fedoraproject CWE-787
critical
 9.8
9.8
2018-05-05 CVE-2018-10753 Out-of-bounds Write vulnerability in multiple products
Stack-based buffer overflow in the delayed_output function in music.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
network
low complexity
moinejf debian fedoraproject CWE-787
critical
 9.8
9.8
2017-03-10 CVE-2017-6314 Infinite Loop vulnerability in multiple products
The make_available_at_least function in io-tiff.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (infinite loop) via a large TIFF file.
local
low complexity
gnome fedoraproject debian CWE-835
5.5
5.5
2017-03-10 CVE-2017-6313 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
Integer underflow in the load_resources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (out-of-bounds read and program crash) via a crafted image entry size in an ICO file.
local
low complexity
gnome fedoraproject debian CWE-191
7.1
7.1
2017-03-10 CVE-2017-6312 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (segmentation fault and application crash) via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations.
local
low complexity
gnome fedoraproject debian CWE-190
5.5
5.5
2017-03-10 CVE-2017-6311 NULL Pointer Dereference vulnerability in multiple products
gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message.
network
low complexity
gnome fedoraproject CWE-476
7.5
7.5