Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-19 | CVE-2019-19906 | Off-by-one Error vulnerability in multiple products cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. | 7.5 |
| 2019-12-18 | CVE-2019-16782 | Information Exposure Through Discrepancy vulnerability in multiple products There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). | 5.9 |
| 2019-12-18 | CVE-2018-1311 | Use After Free vulnerability in multiple products The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. | 8.1 |
| 2019-12-17 | CVE-2019-3996 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests. | 6.5 |
| 2019-12-17 | CVE-2019-3995 | NULL Pointer Dereference vulnerability in multiple products ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference. | 7.5 |
| 2019-12-17 | CVE-2019-3994 | Use After Free vulnerability in multiple products ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free. | 7.5 |
| 2019-12-17 | CVE-2019-3993 | Cleartext Transmission of Sensitive Information vulnerability in multiple products ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. | 7.5 |
| 2019-12-17 | CVE-2019-3992 | Cleartext Transmission of Sensitive Information vulnerability in multiple products ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability. | 7.5 |
| 2019-12-16 | CVE-2019-19783 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8. | 6.5 |
| 2019-12-15 | CVE-2019-19797 | Out-of-bounds Write vulnerability in multiple products read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. | 5.5 |