Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 29 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-12802
In radare2 up to and including 3.5.1, the rcc_context function of libr/egg/egg_lang.c mishandles changing context. This allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact (invalid memory access in r_egg_lang_pa...
Radare Radare2
Fedoraproject Fedora 29
Fedoraproject Fedora 30
7.5
CVSSv3
CVE-2018-17846
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification.
Golang Net
Fedoraproject Fedora 28
Fedoraproject Fedora 29
7.5
CVSSv3
CVE-2018-17847
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <svg><template><desc><t><svg></template>, leading to a "panic: runtime error" (index out of range) in (*nodeStack).pop in node.go, called from (*parser).clearActive...
Golang Net
Fedoraproject Fedora 28
Fedoraproject Fedora 29
7.5
CVSSv3
CVE-2018-17848
The html package (aka x/net/html) through 2018-09-25 in Go mishandles <math><template><mn><b></template>, leading to a "panic: runtime error" (index out of range) in (*insertionModeStack).pop in node.go, called from inHeadIM, during an html...
Golang Net
Fedoraproject Fedora 28
Fedoraproject Fedora 29
7.5
CVSSv3
CVE-2018-17143
The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call.
Golang Net
Fedoraproject Fedora 28
Fedoraproject Fedora 29
9.8
CVSSv3
CVE-2019-1010228
OFFIS.de DCMTK 3.6.3 and below is affected by: Buffer Overflow. The impact is: Possible code execution and confirmed Denial of Service. The component is: DcmRLEDecoder::decompress() (file dcrledec.h, line 122). The attack vector is: Many scenarios of DICOM file processing (e.g. D...
Offis Dcmtk
Fedoraproject Fedora 29
Fedoraproject Fedora 30
7.5
CVSSv3
CVE-2018-19591
In the GNU C Library (aka glibc or libc6) up to and including 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
Gnu Glibc
Fedoraproject Fedora 28
Fedoraproject Fedora 29
7.5
CVSSv3
CVE-2019-5885
Matrix Synapse prior to 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote malicious users to impersonate users.
Matrix Synapse
Fedoraproject Fedora 28
Fedoraproject Fedora 29
7.8
CVSSv3
CVE-2019-13282
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an malicious user to use a cra...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.8
CVSSv3
CVE-2019-13281
In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an malicious user to use a crafted pdf f...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »