Vulnerabilities > Fedoraproject > High

DATE CVE VULNERABILITY TITLE RISK
2019-12-19 CVE-2019-19906 Off-by-one Error vulnerability in multiple products
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet.
7.5
2019-12-18 CVE-2018-1311 Use After Free vulnerability in multiple products
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs.
network
high complexity
apache redhat debian oracle fedoraproject CWE-416
8.1
2019-12-17 CVE-2019-3995 NULL Pointer Dereference vulnerability in multiple products
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference.
network
low complexity
elog-project fedoraproject CWE-476
7.5
2019-12-17 CVE-2019-3994 Use After Free vulnerability in multiple products
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free.
network
low complexity
elog-project fedoraproject CWE-416
7.5
2019-12-17 CVE-2019-3993 Cleartext Transmission of Sensitive Information vulnerability in multiple products
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability.
network
low complexity
elog-project fedoraproject CWE-319
7.5
2019-12-17 CVE-2019-3992 Cleartext Transmission of Sensitive Information vulnerability in multiple products
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability.
network
low complexity
elog-project fedoraproject CWE-319
7.5
2019-12-13 CVE-2019-19787 Out-of-bounds Write vulnerability in multiple products
ATasm 1.06 has a stack-based buffer overflow in the get_signed_expression() function in setparse.c via a crafted .m65 file.
local
low complexity
atasm-project fedoraproject CWE-787
7.8
2019-12-13 CVE-2019-19786 Out-of-bounds Write vulnerability in multiple products
ATasm 1.06 has a stack-based buffer overflow in the parse_expr() function in setparse.c via a crafted .m65 file.
local
low complexity
atasm-project fedoraproject CWE-787
7.8
2019-12-13 CVE-2019-19785 Out-of-bounds Write vulnerability in multiple products
ATasm 1.06 has a stack-based buffer overflow in the to_comma() function in asm.c via a crafted .m65 file.
local
low complexity
atasm-project fedoraproject CWE-787
7.8
2019-12-13 CVE-2019-16776 Path Traversal vulnerability in multiple products
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write.
network
low complexity
npmjs opensuse oracle fedoraproject redhat CWE-22
8.1