Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 30 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-9631
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
Freedesktop Poppler 0.74.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2019-9496
An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd proc...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
8.1
CVSSv3
CVE-2019-9497
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an malicious user to complete EAP-PWD authentication without knowing the password. However, unless the cr...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
7.8
CVSSv3
CVE-2019-14934
An issue exists in PDFResurrect prior to 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write.
Pdfresurrect Project Pdfresurrect
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
7
CVSSv3
CVE-2020-10174
init_tmp in TeeJee.FileSystem.vala in Timeshift prior to 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scrip...
Timeshift Project Timeshift
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 19.10
5.5
CVSSv3
CVE-2018-1099
DNS rebinding vulnerability found in etcd 3.3.1 and previous versions. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).
Redhat Etcd
Fedoraproject Fedora 30
6.8
CVSSv3
CVE-2019-19579
An issue exists in Xen up to and including 4.12.x allowing malicious users to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device (and assignable-add is not used), because of an incomplete fix for CVE-2019-18424. XSA-302 relies...
Xen Xen
Fedoraproject Fedora 30
6.5
CVSSv3
CVE-2019-13108
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
Exiv2 Exiv2
Fedoraproject Fedora 30
9.8
CVSSv3
CVE-2019-6446
An issue exists in NumPy 1.16.0 and previous versions. It uses the pickle Python module unsafely, which allows remote malicious users to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it...
Numpy Numpy
Fedoraproject Fedora 30
3 Github repositories
8.8
CVSSv3
CVE-2020-6378
Use after free in speech in Google Chrome before 79.0.3945.130 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »