Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2020-01-08	CVE-2019-5188	Out-of-bounds Write vulnerability in multiple products A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. local low complexity e2fsprogs-project fedoraproject debian canonical opensuse netapp CWE-787	6.7
2020-01-07	CVE-2019-14834	A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation. network high complexity thekelleys fedoraproject	3.7
2020-01-05	CVE-2019-19911	Integer Overflow or Wraparound vulnerability in multiple products There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large. network low complexity python debian fedoraproject canonical CWE-190	7.5
2020-01-03	CVE-2020-5395	Use After Free vulnerability in multiple products FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c. network low complexity fontforge fedoraproject opensuse CWE-416	8.8
2020-01-03	CVE-2012-4451	Cross-site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) Debug, (2) Feed\PubSubHubbub, (3) Log\Formatter\Xml, (4) Tag\Cloud\Decorator, (5) Uri, (6) View\Helper\HeadStyle, (7) View\Helper\Navigation\Sitemap, or (8) View\Helper\Placeholder\Container\AbstractStandalone, related to Escaper. network low complexity zend fedoraproject redhat CWE-79	6.1
2020-01-03	CVE-2020-5313	Out-of-bounds Read vulnerability in multiple products libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. network low complexity python debian canonical fedoraproject CWE-125	7.1
2020-01-03	CVE-2020-5312	Classic Buffer Overflow vulnerability in multiple products libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. network low complexity python canonical debian fedoraproject CWE-120 critical	9.8
2020-01-03	CVE-2020-5311	Classic Buffer Overflow vulnerability in multiple products libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. network low complexity python debian canonical fedoraproject CWE-120 critical	9.8
2020-01-03	CVE-2020-5310	Integer Overflow or Wraparound vulnerability in multiple products libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc. network low complexity python canonical fedoraproject CWE-190	8.8
2020-01-02	CVE-2013-4752	Cross-site Scripting vulnerability in multiple products Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5, and 2.3.X before 2.3.3 have an issue in the HttpFoundation component. network low complexity sensiolabs fedoraproject CWE-79	6.1