Vulnerabilities > Fedoraproject > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-23 | CVE-2019-2592 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). | 4.9 |
| 2019-04-23 | CVE-2019-2589 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). | 4.9 |
| 2019-04-23 | CVE-2019-2587 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). | 4.9 |
| 2019-04-23 | CVE-2019-2585 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.9 |
| 2019-04-23 | CVE-2019-2584 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). | 4.9 |
| 2019-04-23 | CVE-2019-2581 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.9 |
| 2019-04-23 | CVE-2019-2580 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.9 |
| 2019-04-23 | CVE-2019-11474 | Incorrect Calculation vulnerability in multiple products coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009. | 6.5 |
| 2019-04-22 | CVE-2019-11459 | Use of Uninitialized Resource vulnerability in multiple products The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. | 5.5 |
| 2019-04-22 | CVE-2019-11454 | Cross-site Scripting vulnerability in multiple products Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized user field of the Authorization header for HTTP Basic Authentication, which is mishandled during an _viewlog operation. | 6.1 |