Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2020-01-13 CVE-2020-6860 Out-of-bounds Write vulnerability in multiple products
libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute.
network
low complexity
symonics fedoraproject CWE-787
8.8
2020-01-13 CVE-2020-6851 Out-of-bounds Write vulnerability in multiple products
OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation.
7.5
2020-01-10 CVE-2020-6377 Use After Free vulnerability in multiple products
Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
8.8
2020-01-10 CVE-2019-13767 Use After Free vulnerability in multiple products
Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject opensuse CWE-416
8.8
2020-01-05 CVE-2019-19911 Integer Overflow or Wraparound vulnerability in multiple products
There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImagePlugin.py calling the range function on an unvalidated 32-bit integer if the number of bands is large.
network
low complexity
python debian fedoraproject canonical CWE-190
7.5
2020-01-03 CVE-2020-5395 Use After Free vulnerability in multiple products
FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c.
network
low complexity
fontforge fedoraproject opensuse CWE-416
8.8
2020-01-03 CVE-2020-5313 Out-of-bounds Read vulnerability in multiple products
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.
network
low complexity
python debian canonical fedoraproject CWE-125
7.1
2020-01-03 CVE-2020-5310 Integer Overflow or Wraparound vulnerability in multiple products
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.
network
low complexity
python canonical fedoraproject CWE-190
8.8
2019-12-31 CVE-2013-4357 Classic Buffer Overflow vulnerability in multiple products
The eglibc package before 2.14 incorrectly handled the getaddrinfo() function.
7.5
2019-12-31 CVE-2013-4161 Improper Privilege Management vulnerability in multiple products
gksu-polkit-0.0.3-6.fc18 was reported as fixing the issue in CVE-2012-5617 but the patch was improperly applied and it did not fixed the security issue.
7.8