Filtered by vendor Fedoraproject
Subscriptions
Filtered by product Fedora
Subscriptions
Total
5116 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-19270 | 2 Fedoraproject, Proftpd | 2 Fedora, Proftpd | 2024-08-05 | 7.5 High |
| An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. Failure to check for the appropriate field of a CRL entry (checking twice for subject, rather than once for subject and once for issuer) prevents some valid CRLs from being taken into account, and can allow clients whose certificates have been revoked to proceed with a connection to the server. | ||||
| CVE-2019-19204 | 4 Debian, Fedoraproject, Oniguruma Project and 1 more | 6 Debian Linux, Fedora, Oniguruma and 3 more | 2024-08-05 | 7.5 High |
| An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read. | ||||
| CVE-2019-19126 | 5 Canonical, Debian, Fedoraproject and 2 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-08-05 | 3.3 Low |
| On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program. | ||||
| CVE-2019-19118 | 2 Djangoproject, Fedoraproject | 2 Django, Fedora | 2024-08-05 | 6.5 Medium |
| Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests, for updating the inline model. Directly editing the view-only parent model was not possible, but the parent model's save() method was called, triggering potential side effects, and causing pre and post-save signal handlers to be invoked. (To resolve this, the Django admin is adjusted to require edit permissions on the parent model in order for inline models to be editable.) | ||||
| CVE-2019-19057 | 8 Broadcom, Canonical, Debian and 5 more | 21 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 18 more | 2024-08-05 | 3.3 Low |
| Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e. | ||||
| CVE-2019-19072 | 4 Canonical, Fedoraproject, Linux and 1 more | 4 Ubuntu Linux, Fedora, Linux Kernel and 1 more | 2024-08-05 | 4.4 Medium |
| A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-96c5c6e6a5b6. | ||||
| CVE-2019-19063 | 8 Broadcom, Canonical, Fedoraproject and 5 more | 22 Brocade Fabric Operating System Firmware, Ubuntu Linux, Fedora and 19 more | 2024-08-05 | 4.6 Medium |
| Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. | ||||
| CVE-2019-19068 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-08-05 | 4.6 Medium |
| A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6. | ||||
| CVE-2019-19054 | 6 Broadcom, Canonical, Fedoraproject and 3 more | 19 Brocade Fabric Operating System Firmware, Ubuntu Linux, Fedora and 16 more | 2024-08-05 | 4.7 Medium |
| A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b. | ||||
| CVE-2019-19073 | 4 Fedoraproject, Linux, Opensuse and 1 more | 4 Fedora, Linux Kernel, Leap and 1 more | 2024-08-05 | 4.0 Medium |
| Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10. | ||||
| CVE-2019-19062 | 6 Canonical, Debian, Fedoraproject and 3 more | 7 Ubuntu Linux, Debian Linux, Fedora and 4 more | 2024-08-05 | 4.7 Medium |
| A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. | ||||
| CVE-2019-19059 | 4 Canonical, Fedoraproject, Linux and 1 more | 5 Ubuntu Linux, Fedora, Linux Kernel and 2 more | 2024-08-05 | 4.7 Medium |
| Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or dma_alloc_coherent() failures, aka CID-0f4f199443fa. | ||||
| CVE-2019-19043 | 3 Canonical, Fedoraproject, Linux | 3 Ubuntu Linux, Fedora, Linux Kernel | 2024-08-05 | 5.5 Medium |
| A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459. | ||||
| CVE-2019-19056 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-08-05 | 4.7 Medium |
| A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932. | ||||
| CVE-2019-19058 | 5 Canonical, Fedoraproject, Linux and 2 more | 6 Ubuntu Linux, Fedora, Linux Kernel and 3 more | 2024-08-05 | 4.7 Medium |
| A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5. | ||||
| CVE-2019-19050 | 5 Broadcom, Canonical, Fedoraproject and 2 more | 22 Fabric Operating System, Ubuntu Linux, Fedora and 19 more | 2024-08-05 | 7.5 High |
| A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1. | ||||
| CVE-2019-19010 | 2 Fedoraproject, Limnoria Project | 2 Fedora, Limnoria | 2024-08-05 | 9.8 Critical |
| Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands. | ||||
| CVE-2019-19005 | 3 Autotrace Project, Fedoraproject, Redhat | 3 Autotrace, Fedora, Enterprise Linux | 2024-08-05 | 7.8 High |
| A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182. | ||||
| CVE-2019-19004 | 3 Autotrace Project, Fedoraproject, Redhat | 3 Autotrace, Fedora, Enterprise Linux | 2024-08-05 | 3.3 Low |
| A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. | ||||
| CVE-2019-19012 | 4 Debian, Fedoraproject, Oniguruma Project and 1 more | 5 Debian Linux, Fedora, Oniguruma and 2 more | 2024-08-05 | 9.8 Critical |
| An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression. | ||||