Vulnerabilities > Fedoraproject > Fedora
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-18 | CVE-2019-19043 | Memory Leak vulnerability in multiple products A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459. | 5.5 |
2019-11-17 | CVE-2019-19012 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. | 9.8 |
2019-11-16 | CVE-2019-19010 | Code Injection vulnerability in multiple products Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands. | 9.8 |
2019-11-15 | CVE-2011-2726 | Incorrect Authorization vulnerability in multiple products An access bypass issue was found in Drupal 7.x before version 7.5. | 7.5 |
2019-11-15 | CVE-2014-0021 | Chrony before 1.29.1 has traffic amplification in cmdmon protocol | 7.5 |
2019-11-15 | CVE-2013-7089 | Information Exposure vulnerability in multiple products ClamAV before 0.97.7: dbg_printhex possible information leak | 7.5 |
2019-11-15 | CVE-2013-7088 | Classic Buffer Overflow vulnerability in multiple products ClamAV before 0.97.7 has buffer overflow in the libclamav component | 9.8 |
2019-11-15 | CVE-2013-7087 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ClamAV before 0.97.7 has WWPack corrupt heap memory | 9.8 |
2019-11-15 | CVE-2019-14869 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. | 8.8 |
2019-11-15 | CVE-2019-18928 | Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection. | 9.8 |