Endpoint Vuln Protection

Name Status Update
CVE-2019-20446 chromium: librsvg: Resource exhaustion via crafted SVG file with nested patterns [fedora-all]
Add
chromium
CVE-2020-6405 sqlite: Out-of-bounds read in SELECT with ON/USING clause
Add
sqlite
CVE-2020-6381 CVE-2020-6382 CVE-2020-6385 CVE-2020-6387 CVE-2020-6388 CVE-2020-6389 CVE-2020-6390 CVE-2020-6391 CVE-2020-6392 CVE-2020-6393 CVE-2020-6394 CVE-2020-6395 CVE-2020-6396 CVE-2020-6397 CVE-2020-6398... chromium: various flaws [fedora-all]
Add
chromium
CVE-2020-10531 ICU: Integer overflow in UnicodeString::doAppend()
Add
ICU
CVE-2020-6418 chromium: chromium-browser: type confusion in V8 [fedora-all]
Add
chromium
CVE-2020-10531 chromium: ICU: Integer overflow in UnicodeString::doAppend() [fedora-all]
Add
chromium
CVE-2020-6407 chromium: chromium-browser: out of bounds memory access in streams [fedora-all]
Add
chromium
CVE-2020-6383 CVE-2020-6384 CVE-2020-6386 chromium: various flaws [fedora-all]
Add
chromium
CVE-2020-6420 chromium: chromium-browser: Insufficient policy enforcement in media [fedora-all]
Add
chromium
CVE-2017-8073 weechat: Buffer overflow in the irc_ctcp_dcc_filename_without_quotes function [epel-all]
Add
weechat
weechat: Uninitialized buffer used in logger plugin [epel-all]
Add
weechat
CVE-2020-8955 weechat: denial of service in irc_mode_channel_update in plugins/irc/irc-mode.c [fedora-all]
Add
weechat
CVE-2020-8955 weechat: denial of service in irc_mode_channel_update in plugins/irc/irc-mode.c [epel-all]
Add
weechat
CVE-2020-1739 ansible: svn module leaks password when specified as a parameter [fedora-all]
Add
ansible
CVE-2020-1737 ansible: Extract-Zip function in win_unzip module does not check extracted path [fedora-all]
Add
ansible
CVE-2020-8813 cacti: remote code can be executed when guest users have access to realtime graphs [epel-all]
Add
cacti
CVE-2020-7247 opensmtpd: arbitrary commands execution in smtp_mailaddr in smtp_session.c via crafted SMTP session [fedora-all]
Add
opensmtpd
CVE-2020-8793 opensmtpd: Reading of arbitrary file by unprivileged attacker can result in information disclosure or privilege escalation [fedora-all]
Add
opensmtpd
CVE-2020-8794 opensmtpd: An out-of-bounds read could lead to remote code execution [fedora-all]
Add
opensmtpd
CVE-2019-6472 kea: packet containing a malformed DUID
Add
kea
CVE-2019-6472 kea: packet containing a malformed DUID [epel-7]
Add
kea
CVE-2019-6473 kea: packet containing a malformed code causing assertion failure
Add
kea
CVE-2019-6473 kea: packet containing a malformed code causing assertion failure [epel-7]
Add
kea
CVE-2019-6474 kea: Incoming client requests can lead to server restart
Add
kea
CVE-2019-6474 kea: Incoming client requests can lead to server restart [epel-7]
Add
kea
CVE-2019-17546 libtiff: integer overflow leading to heap-based buffer overflow in tif_getimage.c [fedora-all]
Add
libtiff
Security patch #79329 available for PHP
Add
PHP
Security Vulnerability CVE-2020-10531 for Google Chrome
Add
Google Chrome
CVE-2019-19769 kernel: use-after-free in perf_trace_lock_acquire related to include/trace/events/lock.h
Add
kernel
CVE-2019-19769 kernel: use-after-free in perf_trace_lock_acquire related to include/trace/events/lock.h [fedora-all]
Add
kernel
drupal8: Drupal: in HTML data processor pasting specially crafted HTML code could result in XSS [fedora-all]
Add
drupal8
CVE-2020-9359 okular: local binary execution via specially crafted PDF files
Add
okular
CVE-2020-9359 okular: local binary execution via specially crafted PDF files [fedora-all]
Add
okular
CVE-2020-6424 CVE-2020-6425 CVE-2020-6426 CVE-2020-6427 CVE-2020-6428 CVE-2020-6429 CVE-2020-6449 chromium: various flaws [fedora-all]
Add
chromium
CVE-2020-6422 chromium: chromium-browser: Use after free in WebGL [fedora-all]
Add
chromium
CVE-2020-1747 PyYAML: arbitrary command execution through python/object/new when FullLoader is used
Add
PyYAML
CVE-2020-1747 PyYAML: arbitrary command execution through python/object/new when FullLoader is used [fedora-all]
Add
PyYAML
CVE-2019-14751 python-nltk: directory traversal vulnerability allows attackers to write arbitrary files via ../ [fedora-all]
Add
python-nltk
varnish: remote clients may cause Varnish to assert and restart which could result in DoS
Add
varnish
varnish: assert could result in DoS [fedora-all]
Add
varnish
CVE-2020-10174 timeshift: Arbitrary local code execution due to unsafe usage of temporary directory in /tmp/timeshift
Add
timeshift
CVE-2020-10174 timeshift: Arbitrary local code execution due to unsafe usage of temporary directory in /tmp/timeshift [fedora-all]
Add
timeshift
Security Vulnerability CVE-2020-6427 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6426 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6425 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6424 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6422 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6420 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6429 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6428 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6449 for Google Chrome
Add
Google Chrome
CVE-2020-10188 telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code
Add
telnet-server
CVE-2020-10188 telnet: telnet-server: Arbitrary remote code execution in utility.c via short writes or urgent data [fedora-all]
Add
telnet
CVE-2020-10029 glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions [fedora-all]
Add
glibc
CVE-2020-1752 glibc: use-after-free in glob() function when expanding user [fedora-all]
Add
glibc
CVE-2019-12528 squid: Information Disclosure issue in FTP Gateway [fedora-all]
Add
squid
CVE-2020-8449 squid: Improper input validation issues in HTTP Request processing [fedora-all]
Add
squid
CVE-2020-8450 squid: Buffer overflow in a Squid acting as reverse-proxy [fedora-all]
Add
squid
CVE-2020-6061 coturn: specially crafted HTTP POST request can lead to heap overflow which can result in information leak
Add
coturn
CVE-2020-6061 coturn: specially crafted HTTP POST request can lead to heap overflow which can result in information leak [fedora-all]
Add
coturn
CVE-2020-6062 coturn: specially crafted HTTP POST request can lead to server crash and denial of service
Add
coturn
CVE-2020-6062 coturn: specially crafted HTTP POST request can lead to server crash and denial of service [fedora-all]
Add
coturn
CVE-2020-10804 phpMyAdmin: SQL injection was found in retrieval of the current username which could result in privilege escalation
Add
phpMyAdmin
CVE-2020-10804 phpMyAdmin: SQL vulnerability was found in retrieval of the current username which could result in privilege escalation [fedora-all]
Add
phpMyAdmin
CVE-2020-10803 phpMyAdmin: Inserting specially crafted code in database tables, retrieving and displaying results could result in XSS
Add
phpMyAdmin
CVE-2020-10803 phpMyAdmin: Inserting specially crafted code in database tables, retrieving and displaying results could result in XSS [fedora-all]
Add
phpMyAdmin
CVE-2020-10802 phpMyAdmin: SQL injection was found in generating certain queries for search actions which could result in malicious D M
Add
phpMyAdmin
CVE-2020-10802 phpMyAdmin: SQL injection was found in generating certain queries for search actions which could result in malicious D M [fedora-all]
Add
phpMyAdmin
CVE-2019-19886 libmodsecurity: denial of service in Transaction::addRequestHeader in transaction.cc [fedora-all]
Add
libmodsecurity
CVE-2019-19886 libmodsecurity: denial of service in Transaction::addRequestHeader in transaction.cc [epel-7]
Add
libmodsecurity
CVE-2020-9281 ckeditor: XSS in the HTML Data Processor allows remote attackers to inject arbitrary web script through a crafted "protected" comment [fedora-all]
Add
ckeditor
CVE-2020-9281 ckeditor: XSS in the HTML Data Processor allows remote attackers to inject arbitrary web script through a crafted "protected" comment [epel-all]
Add
ckeditor
CVE-2019-19906 cyrus-sasl: denial of service in _sasl_add_string function [fedora-all]
Add
cyrus-sasl
CVE-2019-19906 cyrus-sasl: denial of service in _sasl_add_string function
Add
cyrus-sasl
CVE-2020-10174 timeshift: Arbitrary local code execution due to unsafe usage of temporary directory in /tmp/timeshift [epel-7]
Add
timeshift
Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1
Add
Firefox
Security Vulnerabilities fixed in Firefox 74.0.1 and Firefox ESR 68.6.1
Add
Firefox ESR
CVE-2015-9541 qt: XML entity expansion vulnerability
Add
qt
CVE-2015-9541 qt5: qt: XML entity expansion vulnerability [fedora-all]
Add
qt5
CVE-2020-8835 kernel: out-of-bounds read/write in the bpf verifier
Add
kernel
CVE-2020-8835 kernel: out-of-bounds read/write in the bpf verifier [fedora-all]
Add
kernel
CVE-2020-6450 CVE-2020-6451 CVE-2020-6452 chromium: various flaws [fedora-all]
Add
chromium
CVE-2020-5249 rubygem-puma: attacker is able to use carriage return character to insert malicious content (HTTP Response Splitting), this could lead to XSS [fedora-all]
Add
rubygem-puma
CVE-2020-5247 rubygem-puma: attacker is able to use newline characters to insert malicious content (HTTP Response Splitting), this could lead to XSS [fedora-all]
Add
rubygem-puma
CVE-2019-18182 pacman: allows arbitrary command injection in conf.c in download_with_xfercommand function [fedora-all]
Add
pacman
CVE-2019-18183 pacman: allows arbitrary command injection in lib/libalpm/sync.c in apply_deltas function [fedora-all]
Add
pacman
CVE-2020-7919 golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service
Add
golang
CVE-2020-7919 golang: Integer overflow on 32bit architectures via crafted certificate allows for denial of service [fedora-all]
Add
golang
CVE-2020-1751 glibc: array overflow in backtrace functions for powerpc [fedora-all]
Add
glibc
CVE-2020-6061 coturn: specially crafted HTTP POST request can lead to heap overflow which can result in information leak [epel-all]
Add
coturn
CVE-2020-6062 coturn: specially crafted HTTP POST request can lead to server crash and denial of service [epel-all]
Add
coturn
CVE-2020-9359 okular: local binary execution via specially crafted PDF files [epel-8]
Add
okular
Wireshark vulnerability wnpa-sec-2020-07
Add
Wireshark
Security Vulnerabilities fixed in Firefox ESR 68.7
Add
Firefox ESR
Security Vulnerabilities fixed in Firefox 75
Add
Firefox
CVE-2020-1730 libssh: denial of service when handling AES-CTR (or DES) ciphers [fedora-all]
Add
libssh
CVE-2020-5260 git: Crafted URL containing new lines can cause credential leak
Add
git
CVE-2020-5260 git: Crafted URL containing new lines can cause credential leak [fedora-all]
Add
git
CVE-2020-11100 haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes
Add
haproxy
CVE-2019-18609 librabbitmq: integer overflow in amqp_handle_input in amqp_connection.c leads to heap-based buffer overflow
Add
librabbitmq
CVE-2019-18609 librabbitmq: integer overflow in amqp_handle_input in amqp_connection.c leads to heap-based buffer overflow [epel-6]
Add
librabbitmq
Security Vulnerabilities fixed in Thunderbird 68.7.0
Add
Thunderbird
Security Vulnerability CVE-2019-1547 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2019-15601 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2019-18197 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2019-18197 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2019-5482 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2752 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2754 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2754 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2755 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2755 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2756 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2756 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2757 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2757 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2759 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2760 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2761 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2762 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2763 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2765 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2767 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2767 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2770 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2773 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2773 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2774 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2778 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2778 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2779 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2780 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2781 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2781 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2790 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2800 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2800 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2803 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2803 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2804 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2805 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2805 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2806 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2812 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2814 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2816 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2816 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2830 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2830 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2853 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2892 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2893 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2895 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2896 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2897 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2898 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2901 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2903 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2904 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2921 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2922 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2923 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2924 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2925 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2926 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2928 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2930 in MySQL
Add
MySQL Server
Security patch #79330 available for PHP
Add
PHP
Security patch #79465 available for PHP
Add
PHP
Security Vulnerability CVE-2020-6423 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6451 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6456 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6430 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6431 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6432 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6433 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6434 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6435 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6436 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6437 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6438 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6439 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6445 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6444 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6447 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6446 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6443 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6442 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6448 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6454 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6455 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6452 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6450 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6441 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6440 for Google Chrome
Add
Google Chrome
SSL, TLS and DTLS Plaintext Recovery Attack
Mod
OpenSSL
SSL 3.0 Fallback protection
Mod
OpenSSL
SSLv2 doesn't block disabled ciphers
Mod
OpenSSL
Excessive allocation of memory in tls_get_message_header
Mod
OpenSSL
BN_mod_exp may produce incorrect results on x86_64
Mod
OpenSSL
Security updates available in Foxit Reader for Mac and Linux 2.2
Mod
Foxit Reader
Security updates available in Foxit Reader for Windows 8.0.2, Foxit Reader for Mac/Linux 2.1, and Foxit PhantomPDF 8.0.2
Mod
Foxit Reader
CVE-2013-7070 CVE-2013-7071 CVE-2013-7072 monitorix: HTTP server 'handle_request()' session fixation and XSS vulnerabilities
Mod
monitorix
monitorix: HTTP server 'handle_request()' session fixation and XSS vulnerabilities [epel-6]
Mod
monitorix
CVE-2015-3010 ceph-deploy: keyring permissions are world readable in ceph
Mod
ceph-deploy
CVE-2015-3010 ceph-deploy: keyring permissions are world readable in ceph [fedora-all]
Mod
ceph-deploy
CVE-2015-8894 CVE-2015-8896 ImageMagick: Double free vulnerabilities in coders pict.c,tga.c [fedora-all]
Mod
ImageMagick
CVE-2015-8614 claws-mail: Stack overflow in conv_ jistoeuc,euctojis,sjistoeuc
Mod
claws-mail
CVE-2015-8614 claws-mail: Stack overflow in conv_ jistoeuc,euctojis,sjistoeuc [fedora-all]
Mod
claws-mail
CVE-2016-1900 cgit: Stored Cross Site Scripting and Header Injection in Filename Parameter
Mod
cgit
CVE-2016-1900 cgit: Stored Cross Site Scripting and Header Injection in Filename Parameter [fedora-all]
Mod
cgit
CVE-2016-1900 cgit: Stored Cross Site Scripting and Header Injection in Filename Parameter [epel-all]
Mod
cgit
CVE-2014-9761 glibc: Unbounded stack allocation in nan functions [fedora-all]
Mod
glibc
CVE-2016-1572 ecryptfs-utils: privilege escalation by mounting over /proc/pid [fedora-all]
Mod
ecryptfs-utils
CVE-2016-0799 OpenSSL: Fix memory issues in BIO_printf functions
Mod
OpenSSL
CVE-2016-0799 OpenSSL: Fix memory issues in BIO_printf functions [fedora-all]
Mod
OpenSSL
CVE-2016-0799 mingw-openssl: OpenSSL: Fix memory issues in BIO_printf functions [fedora-all]
Mod
openssl
CVE-2016-4072 php: Invalid memory write in phar on filename containing 0 inside name
Mod
php
CVE-2016-4072 php: Invalid memory write in phar on filename containing 0 inside name [fedora-all]
Mod
php
CVE-2015-8325 openssh: ignore PAM environment vars when UseLogin is yes [fedora-all]
Mod
openssh
CVE-2015-8325 gsi-openssh: openssh: privilege escalation via user's PAM environment and UseLogin [fedora-all]
Mod
gsi-openssh
CVE-2016-1583 kernel: Stack overflow via ecryptfs and /proc/pid/environ [fedora-all]
Mod
kernel
CVE-2016-6185 perl: XSLoader loads relative paths not included in INC
Mod
perl
CVE-2013-7458 redis: world-readable rediscli_history [fedora-all]
Mod
redis
CVE-2013-7458 redis: world-readable rediscli_history [epel-all]
Mod
redis
CVE-2016-9014 python-django: DNS rebinding vulnerability when DEBUG set to True
Mod
python-django
CVE-2016-9179 lynx: Invalid URL parsing of pages containing question mark [fedora-all]
Mod
lynx
CVE-2016-9793 kernel: Signed overflow for SO_SND_RCV_BUFFORCE
Mod
kernel
CVE-2016-9793 kernel: Signed overflow for SO_SND_RCV_BUFFORCE [fedora-all]
Mod
kernel
CVE-2016-9964 python-bottle: redirect() doesn't filter string which allows for CRLF attack [fedora-all]
Mod
python-bottle
CVE-2016-9964 python-bottle: redirect() doesn't filter string which allows for CRLF attack [epel-all]
Mod
python-bottle
phpMyAdmin: Bypass [Servers] [AllowNoPassword]
Mod
phpMyAdmin
phpMyAdmin: Bypass cfg [Servers] epel-all
Mod
phpMyAdmin
CVE-2017-8291 ghostscript: -dSAFER bypass and command execution via a OutputFile pipe substring [fedora-all]
Mod
ghostscript
CVE-2017-11141 ImageMagick: Memory exhaustion in ReadMATImage function in coders mat.c [fedora-all]
Mod
ImageMagick
CVE-2017-11188 ImageMagick: Resource exhaustion in ReadDPXImage function in coders dpx.c [fedora-all]
Mod
ImageMagick
CVE-2017-7558 kernel: Out of bounds read in inet_diag_msg_sctp addr_fill() and sctp_get_sctp_info() in SCTP stack
Mod
kernel
CVE-2017-12587 ImageMagick: Resource exhaustion in ReadPWPImage function in coders pwp.c [fedora-all]
Mod
ImageMagick
CVE-2017-7558 kernel: Out of bounds read in inet_diag_msg_sctp addr_fill() and sctp_get_sctp_info() in SCTP stack [fedora-all]
Mod
kernel
CVE-2012-6496 rubygem-activerecord: find_by_SQL Injection [epel-5]
Mod
rubygem-activerecord
DHE man-in-the-middle protection
Mod
OpenSSL
CVE-2018-16471 rubygem-rack: Cross-site scripting (XSS) via scheme method on Rack::Request
Mod
rubygem-rack
CVE-2018-16471 rubygem-rack: Cross-site scripting (XSS) via scheme method on Rack::Request [fedora-all]
Mod
rubygem-rack
openssl: One and Done side channel attack can recover RSA key [fedora-all]
Mod
openssl
openssl: One and Done side channel attack can recover RSA key [fedora-all]
Mod
openssl
VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)
Mod
VMware Workstation Player
VMware ESXi, Workstation and Fusion updates address out-of-bounds read/write vulnerabilities (CVE-2019-5521, CVE-2019-5684)
Mod
VMware Workstation Player
Information disclosure with FromPoint on iframes
Mod
SeaMonkey
CVE-2019-11250 kubernetes: Bearer tokens written to logs at high verbosity levels greater or equal to 7 [fedora-all]
Mod
kubernetes
CVE-2019-11246 kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via kubectl cp [fedora-all]
Mod
kubernetes
CVE-2019-11246 kubernetes:1.10/kubernetes: Incomplete fix for CVE-2019-1002101 allows for arbitrary file write via kubectl cp [fedora-all]
Mod
kubernetes
VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities. (CVE-2019-5527, CVE-2019-5535)
Mod
VMware Workstation Player
CVE-2019-13616 SDL2: SDL: heap-based buffer overflow in SDL blit functions in video/SDL_blit.c [fedora-all]
Mod
SDL2
CVE-2019-6978 gd: double free in the gdImage Ptr in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c [fedora-all]
Mod
gd
VMware Workstation and Fusion updates address multiple security vulnerabilities (CVE-2019-5540, CVE-2019-5541, CVE-2019-5542)
Mod
VMware Workstation Player
CVE-2019-13038 mod_auth_mellon: an Open Redirect via the login ReturnTo substring which could facilitate information theft [fedora-all]
Mod
mod_auth_mellon
CVE-2019-11236 python-urllib3: CRLF injection due to not encoding the sequence leading to possible attack on internal service
Mod
python-urllib3
CVE-2019-11236 python-pip: python-urllib3: CRLF injection due to not encoding the sequence leading to possible attack on internal service [fedora-all]
Mod
python-pip
VMware Horizon Client, VMRC, VMware Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities (CVE-2019-5543, CVE-2020-3947, CVE-2020-3948)
Mod
VMware Workstation Player