Fedora

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-31	CVE-2019-7282	In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of . network high complexity netkit debian fedoraproject	5.9
2019-01-31	CVE-2019-6111	Path Traversal vulnerability in multiple products An issue was discovered in OpenSSH 7.9. network high complexity openbsd winscp canonical debian redhat fedoraproject apache freebsd fujitsu siemens CWE-22	5.9
2019-01-31	CVE-2019-6109	Improper Encoding or Escaping of Output vulnerability in multiple products An issue was discovered in OpenSSH 7.9. network high complexity openbsd winscp canonical debian netapp fedoraproject redhat siemens fujitsu CWE-116	6.8
2019-01-30	CVE-2018-17189	Resource Exhaustion vulnerability in multiple products In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. network low complexity apache netapp fedoraproject debian oracle canonical redhat CWE-400	5.3
2019-01-16	CVE-2019-6446	Deserialization of Untrusted Data vulnerability in multiple products An issue was discovered in NumPy 1.16.0 and earlier. network low complexity numpy fedoraproject CWE-502 critical	9.8
2019-01-15	CVE-2019-0001	Uncontrolled Recursion vulnerability in multiple products Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd service. network low complexity juniper fedoraproject CWE-674	7.5
2019-01-15	CVE-2019-3811	A vulnerability was found in sssd. low complexity fedoraproject debian opensuse redhat	5.2
2019-01-14	CVE-2018-16886	Improper Authentication vulnerability in multiple products etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. network high complexity etcd redhat fedoraproject CWE-287	8.1
2019-01-14	CVE-2019-6251	WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. network low complexity gnome wpewebkit webkitgtk fedoraproject canonical opensuse	8.1
2019-01-09	CVE-2019-3498	Injection vulnerability in multiple products In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before 2.1.5, an Improper Neutralization of Special Elements in Output Used by a Downstream Component issue exists in django.views.defaults.page_not_found(), leading to content spoofing (in a 404 error page) if a user fails to recognize that a crafted URL has malicious content. network low complexity djangoproject debian canonical fedoraproject CWE-74	6.5