Vulnerabilities > Fedoraproject > Fedora
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-03 | CVE-2018-20662 | Improper Input Validation vulnerability in multiple products In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing. | 6.5 |
| 2019-01-02 | CVE-2019-3500 | Information Exposure Through Log Files vulnerability in multiple products aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file. | 7.8 |
| 2018-12-30 | CVE-2018-20593 | Out-of-bounds Write vulnerability in multiple products In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c. | 5.5 |
| 2018-12-30 | CVE-2018-20592 | Use After Free vulnerability in multiple products In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. | 5.5 |
| 2018-12-28 | CVE-2018-20549 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19. | 8.8 |
| 2018-12-28 | CVE-2018-20548 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data. | 8.8 |
| 2018-12-28 | CVE-2018-20547 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data. | 8.1 |
| 2018-12-28 | CVE-2018-20546 | Integer Overflow or Wraparound vulnerability in multiple products There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case. | 8.1 |
| 2018-12-28 | CVE-2018-20545 | Integer Overflow or Wraparound vulnerability in multiple products There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data. | 8.8 |
| 2018-12-23 | CVE-2018-20406 | Integer Overflow or Wraparound vulnerability in multiple products Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. | 7.5 |