Vulnerabilities (CVE)

Filtered by vendor Fedoraproject Subscribe
Filtered by product Fedora
Total 5046 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1000852 3 Canonical, Fedoraproject, Freerdp 3 Ubuntu Linux, Fedora, Freerdp 2023-12-10 6.4 MEDIUM 6.5 MEDIUM
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory.. This attack appear to be exploitable via RDPClient must connect the rdp server with echo option. This vulnerability appears to have been fixed in after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3.
CVE-2019-6111 10 Apache, Canonical, Debian and 7 more 27 Mina Sshd, Ubuntu Linux, Debian Linux and 24 more 2023-12-10 5.8 MEDIUM 5.9 MEDIUM
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).
CVE-2018-1000880 4 Canonical, Fedoraproject, Libarchive and 1 more 4 Ubuntu Linux, Fedora, Libarchive and 1 more 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file. This attack appear to be exploitable via the victim must open a specially crafted WARC file.
CVE-2019-9211 3 Fedoraproject, Gnu, Suse 4 Fedora, Pspp, Backports and 1 more 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service.
CVE-2019-5773 4 Debian, Fedoraproject, Google and 1 more 6 Debian Linux, Fedora, Chrome and 3 more 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page.
CVE-2019-6975 3 Canonical, Djangoproject, Fedoraproject 3 Ubuntu Linux, Django, Fedora 2023-12-10 5.0 MEDIUM 7.5 HIGH
Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.
CVE-2019-1559 13 Canonical, Debian, F5 and 10 more 90 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 87 more 2023-12-10 4.3 MEDIUM 5.9 MEDIUM
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
CVE-2019-5758 4 Debian, Fedoraproject, Google and 1 more 6 Debian Linux, Fedora, Chrome and 3 more 2023-12-10 6.8 MEDIUM 8.8 HIGH
Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-17142 2 Fedoraproject, Golang 2 Fedora, Net 2023-12-10 5.0 MEDIUM 7.5 HIGH
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <math><template><mo><template>, leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call.
CVE-2018-8786 5 Canonical, Debian, Fedoraproject and 2 more 10 Ubuntu Linux, Debian Linux, Fedora and 7 more 2023-12-10 7.5 HIGH 9.8 CRITICAL
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
CVE-2019-7573 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-12-10 6.8 MEDIUM 8.8 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).
CVE-2019-8383 4 Advancemame, Debian, Fedoraproject and 1 more 6 Advancecomp, Debian Linux, Fedora and 3 more 2023-12-10 6.8 MEDIUM 7.8 HIGH
An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function adv_png_unfilter_8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file.
CVE-2018-10844 5 Canonical, Debian, Fedoraproject and 2 more 7 Ubuntu Linux, Debian Linux, Fedora and 4 more 2023-12-10 4.3 MEDIUM 5.9 MEDIUM
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets.
CVE-2019-9199 2 Fedoraproject, Podofo Project 2 Fedora, Podofo 2023-12-10 6.8 MEDIUM 8.8 HIGH
PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
CVE-2018-20662 5 Canonical, Debian, Fedoraproject and 2 more 11 Ubuntu Linux, Debian Linux, Fedora and 8 more 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing.
CVE-2018-18311 8 Apple, Canonical, Debian and 5 more 18 Mac Os X, Ubuntu Linux, Debian Linux and 15 more 2023-12-10 7.5 HIGH 9.8 CRITICAL
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVE-2018-18408 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2023-12-10 7.5 HIGH 9.8 CRITICAL
A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.
CVE-2018-19497 3 Debian, Fedoraproject, Sleuthkit 3 Debian Linux, Fedora, The Sleuth Kit 2023-12-10 4.3 MEDIUM 6.5 MEDIUM
In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service (SEGV on unknown address with READ memory access in a tsk_getu16 call in hfs_dir_open_meta_cb in tsk/fs/hfs_dent.c).
CVE-2019-5757 4 Debian, Fedoraproject, Google and 1 more 6 Debian Linux, Fedora, Chrome and 3 more 2023-12-10 6.8 MEDIUM 8.8 HIGH
An incorrect object type assumption in SVG in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
CVE-2019-5760 4 Debian, Fedoraproject, Google and 1 more 6 Debian Linux, Fedora, Chrome and 3 more 2023-12-10 6.8 MEDIUM 8.8 HIGH
Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.