Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 31 vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2020-7957
The IMAP and LMTP components in Dovecot 2.3.9 prior to 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing > character exists. This causes a denial of service in which the recipient cannot read all of their messages.
Dovecot Dovecot
Fedoraproject Fedora 30
Fedoraproject Fedora 31
8.1
CVSSv3
CVE-2019-18887
An issue exists in Symfony 2.8.0 up to and including 2.8.50, 3.4.0 up to and including 3.4.34, 4.2.0 up to and including 4.2.11, and 4.3.0 up to and including 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.
Sensiolabs Symfony
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2019-18888
An issue exists in Symfony 2.8.0 up to and including 2.8.50, 3.4.0 up to and including 3.4.34, 4.2.0 up to and including 4.2.11, and 4.3.0 up to and including 4.3.7. If an application passes unvalidated user input as the file for which MIME type validation should occur, then arbi...
Sensiolabs Symfony
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
7.5
CVSSv3
CVE-2020-7046
lib-smtp in submission-login and lmtp in Dovecot 2.3.9 prior to 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login infinite loop.
Dovecot Dovecot
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.5
CVSSv3
CVE-2017-9107
An issue exists in adns prior to 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with \, and adns_qf_quoteok_query was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. ...
Gnu Adns
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7.5
CVSSv3
CVE-2019-16865
An issue exists in Pillow prior to 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.
Python Pillow
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5.3
CVSSv3
CVE-2019-19722
In Dovecot prior to 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient.
Dovecot Dovecot
Fedoraproject Fedora 30
Fedoraproject Fedora 31
8.8
CVSSv3
CVE-2017-9105
An issue exists in adns prior to 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug may well be exploitable as a remote code execution.
Gnu Adns
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7.5
CVSSv3
CVE-2017-9106
An issue exists in adns prior to 1.5.2. adns_rr_info mishandles a bogus *datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun (depending on the si...
Gnu Adns
Fedoraproject Fedora 31
Fedoraproject Fedora 32
5.9
CVSSv3
CVE-2020-24661
GNOME Geary prior to 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. This allows a meddler in the midd...
Gnome Geary
Fedoraproject Fedora 31
Fedoraproject Fedora 32
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »