Vulnerabilities > Fedoraproject > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-02-19 | CVE-2019-5757 | Incorrect Type Conversion or Cast vulnerability in multiple products An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | 8.8 |
2019-02-19 | CVE-2019-5756 | Use After Free vulnerability in multiple products Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. | 8.8 |
2019-02-19 | CVE-2019-5755 | Numeric Errors vulnerability in multiple products Incorrect handling of negative zero in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. | 8.1 |
2019-02-17 | CVE-2019-8383 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in AdvanceCOMP through 2.1. | 7.8 |
2019-02-17 | CVE-2019-8381 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in Tcpreplay 4.3.1. | 7.8 |
2019-02-17 | CVE-2019-8379 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in AdvanceCOMP through 2.1. | 7.8 |
2019-02-17 | CVE-2019-8377 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Tcpreplay 4.3.1. | 7.8 |
2019-02-17 | CVE-2019-8376 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Tcpreplay 4.3.1. | 7.8 |
2019-02-11 | CVE-2019-5736 | OS Command Injection vulnerability in multiple products runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. local low complexity docker linuxfoundation redhat google linuxcontainers hp netapp apache opensuse d2iq fedoraproject canonical microfocus CWE-78 | 8.6 |
2019-02-11 | CVE-2019-6975 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function. | 7.5 |