Vulnerabilities > Fedoraproject > Fedora > 32
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-20 | CVE-2019-19918 | Out-of-bounds Write vulnerability in multiple products Lout 3.40 has a heap-based buffer overflow in the srcnext() function in z02.c. | 7.8 |
| 2019-12-20 | CVE-2019-19917 | Classic Buffer Overflow vulnerability in multiple products Lout 3.40 has a buffer overflow in the StringQuotedWord() function in z39.c. | 7.8 |
| 2019-12-19 | CVE-2019-19906 | Off-by-one Error vulnerability in multiple products cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. | 7.5 |
| 2019-12-13 | CVE-2019-19787 | Out-of-bounds Write vulnerability in multiple products ATasm 1.06 has a stack-based buffer overflow in the get_signed_expression() function in setparse.c via a crafted .m65 file. | 7.8 |
| 2019-12-13 | CVE-2019-19786 | Out-of-bounds Write vulnerability in multiple products ATasm 1.06 has a stack-based buffer overflow in the parse_expr() function in setparse.c via a crafted .m65 file. | 7.8 |
| 2019-12-13 | CVE-2019-19785 | Out-of-bounds Write vulnerability in multiple products ATasm 1.06 has a stack-based buffer overflow in the to_comma() function in asm.c via a crafted .m65 file. | 7.8 |
| 2019-12-12 | CVE-2019-19746 | Integer Overflow or Wraparound vulnerability in multiple products make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. | 5.5 |
| 2019-12-12 | CVE-2017-18640 | XML Entity Expansion vulnerability in multiple products The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564. | 7.5 |
| 2019-12-06 | CVE-2019-1551 | Integer Overflow or Wraparound vulnerability in multiple products There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. | 5.3 |
| 2019-11-29 | CVE-2019-19451 | Infinite Loop vulnerability in multiple products When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. | 5.5 |