Vulnerabilities > Fedoraproject

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-22	CVE-2019-11455	Out-of-bounds Read vulnerability in multiple products A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. network low complexity tildeslash debian fedoraproject canonical CWE-125	8.1
2019-04-22	CVE-2019-11454	Cross-site Scripting vulnerability in multiple products Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized user field of the Authorization header for HTTP Basic Authentication, which is mishandled during an _viewlog operation. network low complexity mmonit debian canonical fedoraproject CWE-79	6.1
2019-04-22	CVE-2019-11412	Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Artifex MuJS 1.0.5. network low complexity artifex fedoraproject CWE-670	7.5
2019-04-22	CVE-2019-11235	Insufficient Verification of Data Authenticity vulnerability in multiple products FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is within a range, and that the received group element is a valid point on the curve being used" protection mechanism, aka a "Dragonblood" issue, a similar issue to CVE-2019-9498 and CVE-2019-9499. network low complexity freeradius fedoraproject redhat canonical opensuse CWE-345 critical	9.8
2019-04-22	CVE-2019-11234	Improper Authentication vulnerability in multiple products FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497. network low complexity freeradius fedoraproject redhat canonical CWE-287 critical	9.8
2019-04-20	CVE-2019-11373	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash. network low complexity mediaarea fedoraproject CWE-125	6.5
2019-04-20	CVE-2019-11372	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test in Tag/File__Tags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash. network low complexity mediaarea fedoraproject CWE-125	6.5
2019-04-20	CVE-2019-11358	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. network low complexity jquery debian drupal backdropcms fedoraproject opensuse netapp redhat oracle joomla juniper	6.1
2019-04-18	CVE-2019-3885	Use After Free vulnerability in multiple products A use-after-free flaw was found in pacemaker up to and including version 2.0.1 which could result in certain sensitive information to be leaked via the system logs. network low complexity clusterlabs canonical fedoraproject CWE-416	7.5
2019-04-18	CVE-2018-16878	Resource Exhaustion vulnerability in multiple products A flaw was found in pacemaker up to and including version 2.0.1. local low complexity clusterlabs canonical fedoraproject debian opensuse redhat CWE-400	5.5

Vulnerabilities > Fedoraproject {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fedoraproject"}]}

Vulnerabilities > Fedoraproject