Vulnerabilities (CVE)

Vendor filter: Fedoraproject
Product filter: Fedora

715 total CVE
CVE Vendors Products Updated CVSS
CVE-2015-4645 2 Squashfs Project, Fedoraproject 2 Squashfs, Fedora 2019-07-22 4.3
Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow.
CVE-2018-18311 7 Perl, Canonical, Debian and 4 more 17 Perl, Ubuntu Linux, Debian Linux and 14 more 2019-07-16 7.5
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVE-2018-18898 2 Bestpractical, Fedoraproject 2 Request Tracker, Fedora 2019-07-16 5.0
The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.
CVE-2013-0334 4 Bundler, Fedoraproject, Novell and 1 more 4 Fedora, Bundler, Opensuse and 1 more 2019-07-16 5.0
Bundler before 1.7, when multiple top-level source lines are used, allows remote attackers to install arbitrary gems by creating a gem with the same name as another gem in a different source.
CVE-2019-7165 3 Dosbox, Debian, Fedoraproject 3 Dosbox, Debian Linux, Fedora 2019-07-11 7.5
A buffer overflow in DOSBox 0.74-2 allows attackers to execute arbitrary code.
CVE-2019-10143 2 Freeradius, Fedoraproject 2 Freeradius, Fedora 2019-07-09 6.9
** DISPUTED ** It was discovered freeradius up to and including version 3.0.19 does not correctly configure logrotate, allowing a local attacker who already has control of the radiusd user to escalate his privileges to root, by tricking logrotate...
CVE-2019-6975 3 Djangoproject, Canonical, Fedoraproject 3 Django, Ubuntu Linux, Fedora 2019-07-06 5.0
Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.
CVE-2009-3555 8 Mozilla, Openssl, Microsoft and 5 more 9 Openssl, Nss, Iis and 6 more 2019-07-03 5.8
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network...
CVE-2019-5819 3 Google, Fedoraproject, Opensuse 4 Chrome, Fedora, Backports and 1 more 2019-07-03 4.4
Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard.
CVE-2019-5820 3 Google, Fedoraproject, Opensuse 4 Chrome, Fedora, Backports and 1 more 2019-07-02 6.8
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2019-5821 3 Google, Fedoraproject, Opensuse 4 Chrome, Fedora, Backports and 1 more 2019-07-02 6.8
Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2019-5822 3 Google, Fedoraproject, Opensuse 4 Chrome, Fedora, Backports and 1 more 2019-07-02 6.8
Inappropriate implementation in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.
CVE-2019-5818 3 Google, Fedoraproject, Opensuse 4 Chrome, Fedora, Backports and 1 more 2019-07-01 4.3
Uninitialized data in media in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.
CVE-2019-5814 3 Google, Fedoraproject, Opensuse 4 Chrome, Fedora, Backports and 1 more 2019-07-01 4.3
Insufficient policy enforcement in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2019-5833 3 Google, Fedoraproject, Opensuse 4 Chrome, Fedora, Backports and 1 more 2019-07-01 4.3
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.
CVE-2019-5805 3 Google, Fedoraproject, Opensuse 3 Chrome, Fedora, Leap 2019-07-01 4.3
Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2019-5806 3 Google, Fedoraproject, Opensuse 3 Chrome, Fedora, Leap 2019-07-01 6.8
Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5807 3 Google, Fedoraproject, Opensuse 3 Chrome, Fedora, Leap 2019-07-01 6.8
Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5834 3 Google, Fedoraproject, Opensuse 4 Chrome, Fedora, Backports and 1 more 2019-07-01 4.3
Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2019-5811 3 Google, Fedoraproject, Opensuse 3 Chrome, Fedora, Leap 2019-07-01 6.8
Incorrect handling of CORS in ServiceWorker in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass same origin policy via a crafted HTML page.