Vulnerabilities > Fedoraproject > Fedora
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-30 | CVE-2019-19269 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. | 4.9 |
2019-11-29 | CVE-2019-19451 | Infinite Loop vulnerability in multiple products When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. | 5.5 |
2019-11-29 | CVE-2019-14901 | A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. | 9.8 |
2019-11-29 | CVE-2019-14895 | A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. | 9.8 |
2019-11-27 | CVE-2019-18660 | Information Exposure vulnerability in multiple products The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. | 4.7 |
2019-11-27 | CVE-2016-1000110 | Open Redirect vulnerability in multiple products The CGIHandler class in Python before 2.7.12 does not protect against the HTTP_PROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests. | 6.1 |
2019-11-27 | CVE-2016-4980 | Use of Insufficiently Random Values vulnerability in multiple products A password generation weakness exists in xquest through 2016-06-13. | 2.5 |
2019-11-27 | CVE-2019-14812 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 7.8 |
2019-11-27 | CVE-2019-14896 | A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. | 9.8 |
2019-11-27 | CVE-2019-14867 | Resource Exhaustion vulnerability in multiple products A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data. | 8.8 |