Vulnerabilities > Fedoraproject > Fedora > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-12-06 CVE-2019-19334 Out-of-bounds Write vulnerability in multiple products
In all versions of libyang before 1.0-r5, a stack-based buffer overflow was discovered in the way libyang parses YANG files with a leaf of type "identityref".
network
low complexity
cesnet redhat fedoraproject CWE-787
critical
 9.8
9.8
2019-12-01 CVE-2019-18609 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0.
network
low complexity
rabbitmq-c-project fedoraproject canonical debian CWE-787
critical
 9.8
9.8
2019-11-29 CVE-2019-14901 Heap-based Buffer Overflow vulnerability in multiple products
A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver.
network
low complexity
linux fedoraproject debian canonical CWE-122
critical
 9.8
9.8
2019-11-29 CVE-2019-14895 Heap-based Buffer Overflow vulnerability in multiple products
A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver.
network
low complexity
linux debian canonical fedoraproject opensuse CWE-122
critical
 9.8
9.8
2019-11-27 CVE-2019-14896 Heap-based Buffer Overflow vulnerability in multiple products
A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver.
network
low complexity
linux redhat fedoraproject canonical debian CWE-122
critical
 9.8
9.8
2019-11-26 CVE-2019-12526 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid before 4.9.
network
low complexity
squid-cache canonical fedoraproject opensuse debian CWE-787
critical
 9.8
9.8
2019-11-26 CVE-2019-12523 An issue was discovered in Squid before 4.9.
network
low complexity
squid-cache canonical fedoraproject opensuse debian
critical
 9.1
9.1
2019-11-22 CVE-2019-18622 SQL Injection vulnerability in multiple products
An issue was discovered in phpMyAdmin before 4.9.2.
network
low complexity
phpmyadmin opensuse fedoraproject CWE-89
critical
 9.8
9.8
2019-11-21 CVE-2019-18889 Code Injection vulnerability in multiple products
An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7.
network
low complexity
sensiolabs fedoraproject CWE-94
critical
 9.8
9.8
2019-11-17 CVE-2019-19012 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker.
network
low complexity
oniguruma-project debian fedoraproject redhat CWE-190
critical
 9.8
9.8