Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-05 | CVE-2018-1002102 | Open Redirect vulnerability in multiple products Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. | 2.6 |
| 2019-12-04 | CVE-2019-19579 | Improper Input Validation vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device (and assignable-add is not used), because of an incomplete fix for CVE-2019-18424. | 6.8 |
| 2019-12-03 | CVE-2013-4411 | Incorrect Authorization vulnerability in multiple products Review Board: URL processing gives unauthorized users access to review lists | 4.3 |
| 2019-12-03 | CVE-2013-4235 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees | 4.7 |
| 2019-12-02 | CVE-2013-4410 | Incorrect Authorization vulnerability in multiple products ReviewBoard: has an access-control problem in REST API | 7.5 |
| 2019-12-02 | CVE-2012-4480 | Improper Privilege Management vulnerability in multiple products mom creates world-writable pid files in /var/run | 7.8 |
| 2019-12-02 | CVE-2012-4428 | Out-of-bounds Read vulnerability in multiple products openslp: SLPIntersectStringList()' Function has a DoS vulnerability | 7.5 |
| 2019-12-02 | CVE-2019-19118 | Incorrect Default Permissions vulnerability in multiple products Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. | 6.5 |
| 2019-12-01 | CVE-2019-19479 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. | 5.5 |
| 2019-12-01 | CVE-2019-18609 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. | 9.8 |