Filtered by vendor Fedoraproject
Subscribe
Total
5338 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-19066 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures, aka CID-0e62395da2bd. | |||||
| CVE-2019-19063 | 7 Broadcom, Canonical, Fedoraproject and 4 more | 20 Brocade Fabric Operating System Firmware, Ubuntu Linux, Fedora and 17 more | 2024-11-21 | 4.9 MEDIUM | 4.6 MEDIUM |
| Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. | |||||
| CVE-2019-19062 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures, aka CID-ffdde5932042. | |||||
| CVE-2019-19059 | 3 Canonical, Fedoraproject, Linux | 3 Ubuntu Linux, Fedora, Linux Kernel | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering iwl_pcie_init_fw_sec() or dma_alloc_coherent() failures, aka CID-0f4f199443fa. | |||||
| CVE-2019-19058 | 4 Canonical, Fedoraproject, Linux and 1 more | 4 Ubuntu Linux, Fedora, Linux Kernel and 1 more | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures, aka CID-b4b814fec1a5. | |||||
| CVE-2019-19057 | 7 Broadcom, Canonical, Debian and 4 more | 20 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 17 more | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e. | |||||
| CVE-2019-19056 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-db8fd2cde932. | |||||
| CVE-2019-19055 | 3 Canonical, Fedoraproject, Linux | 3 Ubuntu Linux, Fedora, Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| A memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering nl80211hdr_put() failures, aka CID-1399c59fa929. NOTE: third parties dispute the relevance of this because it occurs on a code path where a successful allocation has already occurred | |||||
| CVE-2019-19054 | 6 Broadcom, Canonical, Fedoraproject and 3 more | 19 Brocade Fabric Operating System Firmware, Ubuntu Linux, Fedora and 16 more | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b. | |||||
| CVE-2019-19050 | 5 Broadcom, Canonical, Fedoraproject and 2 more | 22 Fabric Operating System, Ubuntu Linux, Fedora and 19 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1. | |||||
| CVE-2019-19046 | 3 Fedoraproject, Linux, Opensuse | 3 Fedora, Linux Kernel, Leap | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure, aka CID-4aa7afb0ee20. NOTE: third parties dispute the relevance of this because an attacker cannot realistically control this failure at probe time | |||||
| CVE-2019-19043 | 3 Canonical, Fedoraproject, Linux | 3 Ubuntu Linux, Fedora, Linux Kernel | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| A memory leak in the i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering i40e_setup_channel() failures, aka CID-27d461333459. | |||||
| CVE-2019-19012 | 4 Debian, Fedoraproject, Oniguruma Project and 1 more | 4 Debian Linux, Fedora, Oniguruma and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An integer overflow in the search_in_range function in regexec.c in Oniguruma 6.x before 6.9.4_rc2 leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression. | |||||
| CVE-2019-19010 | 2 Fedoraproject, Limnoria Project | 2 Fedora, Limnoria | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands. | |||||
| CVE-2019-19005 | 2 Autotrace Project, Fedoraproject | 2 Autotrace, Fedora | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182. | |||||
| CVE-2019-19004 | 2 Autotrace Project, Fedoraproject | 2 Autotrace, Fedora | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
| A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. | |||||
| CVE-2019-18934 | 3 Fedoraproject, Nlnetlabs, Opensuse | 3 Fedora, Unbound, Leap | 2024-11-21 | 6.8 MEDIUM | 7.3 HIGH |
| Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code execution after receiving a specially crafted answer. This issue can only be triggered if unbound was compiled with `--enable-ipsecmod` support, and ipsecmod is enabled and used in the configuration. | |||||
| CVE-2019-18928 | 3 Cyrus, Debian, Fedoraproject | 3 Imap, Debian Linux, Fedora | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection. | |||||
| CVE-2019-18889 | 2 Fedoraproject, Sensiolabs | 2 Fedora, Symfony | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. Serializing certain cache adapter interfaces could result in remote code injection. This is related to symfony/cache. | |||||
| CVE-2019-18888 | 2 Fedoraproject, Sensiolabs | 2 Fedora, Symfony | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbitrary arguments are passed to the underlying file command. This is related to symfony/http-foundation (and symfony/mime in 4.3.x). | |||||