Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 31 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-10218
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacke...
Samba Samba
Fedoraproject Fedora 29
Fedoraproject Fedora 31
6.8
CVSSv2
CVE-2019-14867
A flaw was found in IPA, all 4.6.x versions prior to 4.6.7, all 4.7.x versions prior to 4.7.4 and all 4.8.x versions prior to 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated atta...
Freeipa Freeipa
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
7.5
CVSSv2
CVE-2019-19010
Eval injection in the Math plugin of Limnoria (prior to 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged malicious users to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.
Limnoria Project Limnoria
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
6.8
CVSSv2
CVE-2019-18182
pacman prior to 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-co...
Pacman Project Pacman
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
5
CVSSv2
CVE-2019-11412
An issue exists in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.
Artifex Mujs 1.0.5
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
6.8
CVSSv2
CVE-2019-13281
In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an malicious user to use a crafted pdf f...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
6.8
CVSSv2
CVE-2019-13282
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an malicious user to use a cra...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5
CVSSv2
CVE-2019-14844
A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.
Mit Kerberos 5
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
6.8
CVSSv2
CVE-2019-18183
pacman prior to 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an attacker...
Pacman Project Pacman
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
6.8
CVSSv2
CVE-2019-13283
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be triggered by sending a crafted PDF do...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »