Vulnerabilities > Fedoraproject > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-09-15 CVE-2019-14540 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10.
network
low complexity
fasterxml netapp fedoraproject debian redhat oracle CWE-502
critical
 9.8
9.8
2019-09-06 CVE-2019-14813 Incorrect Authorization vulnerability in multiple products
A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions.
network
low complexity
artifex redhat fedoraproject opensuse debian CWE-863
critical
 9.8
9.8
2019-08-29 CVE-2019-11500 Out-of-bounds Write vulnerability in multiple products
In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole before 0.5.7.2), protocol processing can fail for quoted strings.
network
low complexity
dovecot debian fedoraproject CWE-787
critical
 9.8
9.8
2019-08-23 CVE-2019-10746 Argument Injection or Modification vulnerability in multiple products
mixin-deep is vulnerable to Prototype Pollution in versions before 1.3.2 and version 2.0.0.
network
low complexity
mixin-deep-project fedoraproject oracle CWE-88
critical
 9.8
9.8
2019-08-18 CVE-2019-15151 Double Free vulnerability in multiple products
AdPlug 2.3.1 has a double free in the Cu6mPlayer class in u6m.h.
network
low complexity
adplug-project fedoraproject CWE-415
critical
 9.8
9.8
2019-08-15 CVE-2019-9851 Improper Input Validation vulnerability in multiple products
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from.
network
low complexity
debian canonical opensuse fedoraproject libreoffice CWE-20
critical
 9.8
9.8
2019-08-15 CVE-2019-9850 Improper Input Validation vulnerability in multiple products
LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from.
network
low complexity
debian canonical opensuse fedoraproject libreoffice CWE-20
critical
 9.8
9.8
2019-08-09 CVE-2019-14234 SQL Injection vulnerability in multiple products
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4.
network
low complexity
djangoproject fedoraproject debian CWE-89
critical
 9.8
9.8
2019-08-02 CVE-2019-14532 Off-by-one Error vulnerability in multiple products
An issue was discovered in The Sleuth Kit (TSK) 4.6.6.
network
low complexity
sleuthkit fedoraproject CWE-193
critical
 9.8
9.8
2019-07-31 CVE-2019-14463 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5.
network
low complexity
libmodbus fedoraproject debian CWE-125
critical
 9.1
9.1