Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-02	CVE-2012-4428	Out-of-bounds Read vulnerability in multiple products openslp: SLPIntersectStringList()' Function has a DoS vulnerability network low complexity openslp debian fedoraproject canonical CWE-125	7.5
2019-12-02	CVE-2019-19118	Incorrect Default Permissions vulnerability in multiple products Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. network low complexity djangoproject fedoraproject CWE-276	6.5
2019-12-01	CVE-2019-19479	Out-of-bounds Read vulnerability in multiple products An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. local low complexity opensc-project debian fedoraproject CWE-125	5.5
2019-12-01	CVE-2019-18609	Out-of-bounds Write vulnerability in multiple products An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. network low complexity rabbitmq-c-project fedoraproject canonical debian CWE-787 critical	9.8
2019-11-30	CVE-2019-19269	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. network low complexity proftpd fedoraproject debian CWE-476	4.9
2019-11-29	CVE-2019-19451	Infinite Loop vulnerability in multiple products When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. local low complexity gnome fedoraproject opensuse CWE-835	5.5
2019-11-29	CVE-2019-14901	A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. network low complexity linux fedoraproject debian canonical critical	9.8
2019-11-29	CVE-2019-14895	A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. network low complexity linux debian canonical fedoraproject opensuse critical	9.8
2019-11-27	CVE-2019-18660	Information Exposure vulnerability in multiple products The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. local high complexity linux redhat canonical fedoraproject opensuse CWE-200	4.7
2019-11-27	CVE-2016-1000110	Open Redirect vulnerability in multiple products The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests. network low complexity python debian fedoraproject CWE-601	6.1