Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-18	CVE-2019-19043	Memory Leak vulnerability in multiple products A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459. local low complexity linux canonical fedoraproject CWE-401	5.5
2019-11-17	CVE-2019-19012	Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. network low complexity oniguruma-project debian fedoraproject redhat CWE-190 critical	9.8
2019-11-16	CVE-2019-19010	Code Injection vulnerability in multiple products Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands. network low complexity limnoria-project fedoraproject CWE-94 critical	9.8
2019-11-15	CVE-2011-2726	Incorrect Authorization vulnerability in multiple products An access bypass issue was found in Drupal 7.x before version 7.5. network low complexity drupal debian redhat fedoraproject CWE-863	7.5
2019-11-15	CVE-2014-0021	Chrony before 1.29.1 has traffic amplification in cmdmon protocol network low complexity chrony-project debian fedoraproject	7.5
2019-11-15	CVE-2013-7089	Information Exposure vulnerability in multiple products ClamAV before 0.97.7: dbg_printhex possible information leak network low complexity clamav debian fedoraproject CWE-200	7.5
2019-11-15	CVE-2013-7088	Classic Buffer Overflow vulnerability in multiple products ClamAV before 0.97.7 has buffer overflow in the libclamav component network low complexity clamav debian fedoraproject CWE-120 critical	9.8
2019-11-15	CVE-2013-7087	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ClamAV before 0.97.7 has WWPack corrupt heap memory network low complexity clamav debian fedoraproject CWE-119 critical	9.8
2019-11-15	CVE-2019-14869	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedure, where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. network low complexity artifex fedoraproject opensuse CWE-732	8.8
2019-11-15	CVE-2019-18928	Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection. network low complexity cyrus fedoraproject debian critical	9.8