Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-24	CVE-2019-10143	It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate into writing a radiusd-writable file to a directory normally inaccessible by the radiusd user. local high complexity freeradius fedoraproject redhat	7.0
2019-05-22	CVE-2019-10132	A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. network low complexity redhat fedoraproject	8.8
2019-05-20	CVE-2019-12221	Out-of-bounds Write vulnerability in multiple products An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. network low complexity libsdl fedoraproject canonical opensuse debian CWE-787	6.5
2019-05-20	CVE-2019-12216	Out-of-bounds Write vulnerability in multiple products An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. network low complexity libsdl fedoraproject debian canonical CWE-787	6.5
2019-05-20	CVE-2019-12213	Uncontrolled Recursion vulnerability in multiple products When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory function in PluginTIFF.cpp always returns 1, leading to stack exhaustion. network low complexity freeimage-project canonical debian fedoraproject CWE-674	6.5
2019-05-16	CVE-2019-3839	It was found that in ghostscript some privileged operators remained accessible from various places after the CVE-2019-6116 fix. local low complexity artifex debian opensuse fedoraproject canonical redhat	7.8
2019-05-15	CVE-2019-12098	In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. network high complexity heimdal-project fedoraproject opensuse debian	7.4
2019-05-15	CVE-2019-8936	NULL Pointer Dereference vulnerability in multiple products NTP through 4.2.8p12 has a NULL Pointer Dereference. network low complexity netapp fedoraproject opensuse hpe ntp CWE-476	7.5
2019-05-15	CVE-2019-11833	Use of Uninitialized Resource vulnerability in multiple products fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. local low complexity linux fedoraproject debian canonical redhat CWE-908	5.5
2019-05-14	CVE-2019-11328	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious user with local/network access to the host system (e.g. network low complexity sylabs fedoraproject opensuse CWE-732	8.8