Vulnerabilities > Fedoraproject > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-11-17 | CVE-2019-19012 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. | 9.8 |
2019-11-16 | CVE-2019-19010 | Code Injection vulnerability in multiple products Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands. | 9.8 |
2019-11-15 | CVE-2013-7088 | Classic Buffer Overflow vulnerability in multiple products ClamAV before 0.97.7 has buffer overflow in the libclamav component | 9.8 |
2019-11-15 | CVE-2013-7087 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products ClamAV before 0.97.7 has WWPack corrupt heap memory | 9.8 |
2019-11-15 | CVE-2019-18928 | Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection. | 9.8 |
2019-11-12 | CVE-2010-3438 | Use of Externally-Controlled Format String vulnerability in multiple products libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. | 9.8 |
2019-11-04 | CVE-2015-8980 | Improper Input Validation vulnerability in multiple products The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code. | 9.8 |
2019-11-04 | CVE-2013-4409 | Improper Input Validation vulnerability in multiple products An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. | 9.8 |
2019-10-31 | CVE-2019-18425 | Improper Privilege Management vulnerability in multiple products An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest OS users to gain guest OS privileges by installing and using descriptors. | 9.8 |
2019-10-30 | CVE-2018-21029 | Improper Certificate Validation vulnerability in multiple products systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. | 9.8 |