Vulnerabilities > Fedoraproject > Low

DATE CVE VULNERABILITY TITLE RISK
2019-12-10 CVE-2019-13762 Improper Locking vulnerability in multiple products
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.
local
low complexity
google debian fedoraproject redhat CWE-667
3.3
3.3
2019-12-05 CVE-2018-1002102 Open Redirect vulnerability in multiple products
Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts.
network
high complexity
kubernetes fedoraproject CWE-601
2.6
2.6
2019-11-27 CVE-2016-4980 Use of Insufficiently Random Values vulnerability in multiple products
A password generation weakness exists in xquest through 2016-06-13.
local
high complexity
ethz fedoraproject redhat CWE-330
2.5
2.5
2019-11-19 CVE-2019-19126 Improper Initialization vulnerability in multiple products
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
local
low complexity
gnu canonical fedoraproject debian CWE-665
3.3
3.3
2019-11-18 CVE-2019-19057 Memory Leak vulnerability in multiple products
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e. 		3.3
3.3
2019-11-14 CVE-2012-1160 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php
network
low complexity
moodle fedoraproject CWE-732
2.7
2.7
2019-10-16 CVE-2019-2911 Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema).
network
low complexity
oracle canonical fedoraproject netapp
2.7
2.7
2019-10-01 CVE-2019-17052 Incorrect Default Permissions vulnerability in multiple products
ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768.
local
low complexity
linux debian fedoraproject canonical CWE-276
3.3
3.3
2019-10-01 CVE-2019-17055 Missing Authorization vulnerability in multiple products
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. 		3.3
3.3
2019-07-23 CVE-2019-2738 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Compiling).
network
high complexity
oracle canonical fedoraproject redhat
3.1
3.1