Vulnerabilities > Fedoraproject > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-07-31 CVE-2019-14462 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5.
network
low complexity
libmodbus fedoraproject debian CWE-125
critical
 9.1
9.1
2019-07-29 CVE-2019-14379 SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
network
low complexity
fasterxml debian netapp fedoraproject redhat oracle apple
critical
 9.8
9.8
2019-07-22 CVE-2019-1010228 Out-of-bounds Write vulnerability in multiple products
OFFIS.de DCMTK 3.6.3 and below is affected by: Buffer Overflow.
network
low complexity
offis fedoraproject CWE-787
critical
 9.8
9.8
2019-07-19 CVE-2019-12815 Improper Handling of Exceptional Conditions vulnerability in multiple products
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.
network
low complexity
proftpd fedoraproject debian siemens CWE-755
critical
 9.8
9.8
2019-07-19 CVE-2019-1010238 Out-of-bounds Write vulnerability in multiple products
Gnome Pango 1.42 and later is affected by: Buffer Overflow.
network
low complexity
gnome oracle fedoraproject debian canonical redhat CWE-787
critical
 9.8
9.8
2019-07-17 CVE-2019-9848 Code Injection vulnerability in multiple products
LibreOffice has a feature where documents can specify that pre-installed scripts can be executed on various document events such as mouse-over, etc.
network
low complexity
libreoffice canonical fedoraproject debian opensuse CWE-94
critical
 9.8
9.8
2019-07-11 CVE-2019-12525 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through 4.7.
network
low complexity
squid-cache debian opensuse fedoraproject canonical CWE-787
critical
 9.8
9.8
2019-07-11 CVE-2019-12838 SQL Injection vulnerability in multiple products
SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL Injection.
network
low complexity
schedmd debian fedoraproject opensuse CWE-89
critical
 9.8
9.8
2019-07-10 CVE-2019-13132 Out-of-bounds Write vulnerability in multiple products
In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library.
network
low complexity
zeromq debian canonical fedoraproject CWE-787
critical
 9.8
9.8
2019-07-10 CVE-2019-13224 Use After Free vulnerability in multiple products
A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression.
network
low complexity
oniguruma-project php fedoraproject debian canonical CWE-416
critical
 9.8
9.8