Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 30 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2019-14934
An issue exists in PDFResurrect prior to 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write.
Pdfresurrect Project Pdfresurrect
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2019-9496
An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd proc...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
8.1
CVSSv3
CVE-2019-9497
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an malicious user to complete EAP-PWD authentication without knowing the password. However, unless the cr...
W1.fi Hostapd
W1.fi Wpa Supplicant
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
9.8
CVSSv3
CVE-2019-9631
Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
Freedesktop Poppler 0.74.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Debian Debian Linux 8.0
7
CVSSv3
CVE-2020-10174
init_tmp in TeeJee.FileSystem.vala in Timeshift prior to 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scrip...
Timeshift Project Timeshift
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 19.10
9.8
CVSSv3
CVE-2019-6446
An issue exists in NumPy 1.16.0 and previous versions. It uses the pickle Python module unsafely, which allows remote malicious users to execute arbitrary code via a crafted serialized object, as demonstrated by a numpy.load call. NOTE: third parties dispute this issue because it...
Numpy Numpy
Fedoraproject Fedora 30
3 Github repositories
8.8
CVSSv3
CVE-2018-1098
A cross-site request forgery flaw was found in etcd 3.3.1 and previous versions. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done with PUT so it is theoretically safe (can't PUT from an HTML form or ...
Redhat Etcd
Fedoraproject Fedora 30
5.5
CVSSv3
CVE-2018-1099
DNS rebinding vulnerability found in etcd 3.3.1 and previous versions. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address).
Redhat Etcd
Fedoraproject Fedora 30
6.5
CVSSv3
CVE-2019-13108
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
Exiv2 Exiv2
Fedoraproject Fedora 30
6.5
CVSSv3
CVE-2019-13109
An integer overflow in Exiv2 up to and including 0.27.1 allows an malicious user to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a chunkLength - iccOffset subtraction.
Exiv2 Exiv2
Fedoraproject Fedora 30
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »