Vulnerabilities > Fedoraproject

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-13	CVE-2018-16872	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A flaw was found in qemu Media Transfer Protocol (MTP). network high complexity qemu debian fedoraproject canonical opensuse CWE-367	5.3
2018-12-13	CVE-2018-19489	Race Condition vulnerability in multiple products v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. local high complexity qemu debian fedoraproject canonical opensuse CWE-362	4.7
2018-12-13	CVE-2018-19364	Use After Free vulnerability in multiple products hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome. local low complexity qemu canonical debian fedoraproject opensuse CWE-416	5.5
2018-12-12	CVE-2018-16867	Race Condition vulnerability in multiple products A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. local high complexity qemu fedoraproject canonical CWE-362	7.8
2018-12-12	CVE-2018-20097	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. network low complexity exiv2 debian fedoraproject redhat CWE-119	6.5
2018-12-11	CVE-2018-20060	urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). network low complexity python fedoraproject critical	9.8
2018-12-10	CVE-2018-20005	Use After Free vulnerability in multiple products An issue has been found in Mini-XML (aka mxml) 2.12. local low complexity msweet fedoraproject CWE-416	5.5
2018-12-10	CVE-2018-20004	Out-of-bounds Write vulnerability in multiple products An issue has been found in Mini-XML (aka mxml) 2.12. network low complexity mini-xml-project debian fedoraproject CWE-787	8.8
2018-12-07	CVE-2018-18311	Integer Overflow or Wraparound vulnerability in multiple products Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. network low complexity perl canonical debian netapp redhat apple fedoraproject mcafee CWE-190 critical	9.8
2018-12-04	CVE-2018-19591	Improper Input Validation vulnerability in multiple products In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. network low complexity gnu fedoraproject CWE-20	7.5

Vulnerabilities > Fedoraproject {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Fedoraproject"}]}

Vulnerabilities > Fedoraproject