Endpoint Vuln Protection

Name Status Update
CVE-2018-4022mkvtoolnix: MKVINFO read_one_element code execution vulnerability [fedora-all]
Add
mkvtoolnix
CVE-2018-16839curl: Heap-based buffer overflow via integer overflow in curl_sasl.c:Curl_sasl_create_plain_message() [fedora-all]
Add
curl
CVE-2018-16840curl: Use-after-free when closing and cleaning "easy" handle in Curl_close() [fedora-all]
Add
curl
CVE-2018-18928icu: integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp
Add
icu
CVE-2018-18928icu: integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp [fedora-all]
Add
icu
CVE-2017-11114links: Global-based 1 byte buffer over-read in put_chars function in html_r.c [fedora-all]
Add
links
CVE-2018-3258mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018)
Add
mysql-connector-java
CVE-2018-3258mysql-connector-java: Connector/J unspecified vulnerability (CPU October 2018) [fedora-all]
Add
mysql-connector-java
CVE-2018-14647python33: python: Missing salt initialization in _elementtree.c module [fedora-all]
Add
python33
CVE-2018-18820icecast: buffer overflow in URL auth code [fedora-all]
Add
icecast
CVE-2017-7875feh: Integer overflow in wallpaper.c while receiving an IPC message [fedora-all]
Add
feh
CVE-2018-18074python-requests: Redirect from HTTPS to HTTP does not remove Authorization header [fedora-all]
Add
python-requests
CVE-2017-2663subscription-manager: unsafe dbus interface [fedora-all]
Add
subscription-manager
CVE-2018-3837SDL2_image: information disclosure in the PCX image rendering functionality
Add
SDL2_image
CVE-2018-3977SDL2_image: code execution in the XCF image rendering functionality [fedora-all]
Add
SDL2_image
CVE-2018-14626pdns: Packet cache pollution via crafted query [fedora-all]
Add
pdns
CVE-2018-10851: pdns: Memory leak while parsing malformed records [fedora-all]
Add
pdns
php: memory leak in the garbage collector when using cyclic references
Add
php
php: memory leak in the garbage collector when using cyclic references [fedora-all]
Add
php
CVE-2018-14681libmspack: out-of-bounds write in kwajd_read_headers in mspack/kwajd.c
Add
libmspack
CVE-2018-14681libmspack: Out-of-bounds Write in kwajd_read_headers in mspack/kwajd.c [fedora-all]
Add
libmspack
CVE-2018-14680libmspack: off-by-one error in the CHM chunk number validity checks
Add
libmspack
CVE-2018-14680libmspack: off-by-one error in the CHM chunk number validity checks [fedora-all]
Add
libmspack
CVE-2018-14682libmspack: off-by-one error in the TOLOWER() macro for CHM decompression
Add
libmspack
CVE-2018-14682libmspack: off-by-one error in the TOLOWER() macro for CHM decompression [fedora-all]
Add
libmspack
CVE-2018-16648mupdf: Array index underflow in pdf_dev_alpha resulting in a crash
Add
mupdf
CVE-2018-16647mupdf: Segmentation fault in the pdf_get_xref_entry function resulting in a crash
Add
mupdf
CVE-2018-16647CVE-2018-16648mupdf: various flaws [fedora-all]
Add
mupdf
CVE-2018-18584libmspack: Out-of-bounds write in mspack/cab.h
Add
libmspack
CVE-2018-18585libmspack: chmd_read_headers() fails to reject filenames containing NULL bytes
Add
libmspack
CVE-2018-18584CVE-2018-18585libmspack: various flaws [fedora-all]
Add
libmspack
CVE-2018-18584CVE-2018-18585cabextract: various flaws [fedora-all]
Add
cabextract
CVE-2018-18662mupdf: out-of-bounds read in fz_run_t3_glyph in fitz/font.c
Add
mupdf
CVE-2018-18662mupdf: out-of-bounds read in fz_run_t3_glyph in fitz/font.c [fedora-all]
Add
mupdf
CVE-2018-18956suricata: Segmentation fault in the ProcessMimeEntity function [fedora-all]
Add
suricata
CVE-2018-18956suricata: Segmentation fault in the ProcessMimeEntity function [epel-7]
Add
suricata
CVE-2018-14661glusterfs: features/locks translator passes an user-controlled string to snprintf without a proper format string resulting in a denial of service [fedora-all]
Add
glusterfs
CVE-2018-14652glusterfs: Buffer overflow in "features/locks" translator allows for denial of service [fedora-all]
Add
glusterfs
CVE-2018-14654glusterfs: "features/index" translator can create arbitrary, empty files [fedora-all]
Add
glusterfs
CVE-2018-14660glusterfs: Repeat use of "GF_META_LOCK_KEY" xattr allows for memory exhaustion [fedora-all]
Add
glusterfs
CVE-2018-14659glusterfs: Unlimited file creation via "GF_XATTR_IOSTATS_DUMP_KEY" xattr allows for denial of service [fedora-all]
Add
glusterfs
CVE-2018-14653glusterfs: Heap-based buffer overflow via "gf_getspec_req" RPC message [fedora-all]
Add
glusterfs
CVE-2018-14651glusterfs: glusterfs server exploitable via symlinks to relative paths [fedora-all]
Add
glusterfs
CVE-2018-16646poppler: infinite recursion in Parser::getObj function in Parser.cc [fedora-all]
Add
poppler
CVE-2018-18310elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl
Add
elfutils
CVE-2018-18310elfutils: invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl [fedora-all]
Add
elfutils
CVE-2018-4022mkvtoolnix: MKVINFO read_one_element code execution vulnerability
Add
mkvtoolnix
CVE-2018-4022mkvtoolnix: MKVINFO read_one_element code execution vulnerability [epel-all]
Add
mkvtoolnix
CVE-2018-16842curl: Heap-based buffer over-read in the curl tool warning formatting [fedora-all]
Add
curl
CVE-2018-18520elfutils: eu-size cannot handle recursive ar files
Add
elfutils
CVE-2018-18520elfutils: eu-size cannot handle recursive ar files [fedora-all]
Add
elfutils
CVE-2018-18521elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c
Add
elfutils
CVE-2018-18521elfutils: Divide-by-zero in arlib_add_symbols function in arlib.c [fedora-all]
Add
elfutils
CVE-2018-19058poppler: reachable abort in Object.h [fedora-all]
Add
poppler
CVE-2018-19059poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc [fedora-all]
Add
poppler
CVE-2018-19060poppler: pdfdetach utility does not validate save paths [fedora-all]
Add
poppler
CVE-2017-2887SDL_image: Incorrect XCF property handling
Add
SDL_image
CVE-2018-14447libconfuse: Out-of-bounds read in src/lexer.l:trim_whitespace() [fedora-all]
Add
libconfuse
CVE-2018-16395CVE-2018-16396ruby: various flaws [fedora-all]
Add
ruby
CVE-2018-3977SDL2_image: code execution in the XCF image rendering functionality
Add
SDL2_image
CVE-2018-3977SDL2_image: code execution in the XCF image rendering functionality [epel-7]
Add
SDL2_image
xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs
Add
xen
xen: x86: DoS from attempting to use INVPCID with a non-canonical addresses
Add
xen
python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure [fedora-27]
Add
python-urllib3
python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure [fedora-28]
Add
python-urllib3
xen: insufficient TLB flushing / improper large page mappings with AMD IOMMUs [fedora-all]
Add
xen
xen: x86: DoS from attempting to use INVPCID with a non-canonical addresses [fedora-all]
Add
xen
xen: various flaws [fedora-all]
Add
xen
CVE-2018-16435CVE-2018-17462CVE-2018-17463CVE-2018-17464CVE-2018-17465CVE-2018-17466CVE-2018-17467CVE-2018-17468CVE-2018-17469CVE-2018-17470CVE-2018-17471CVE-2018-17473CVE-2018-17474CVE-2018-17475... chromium: various flaws [fedora-all]
Add
chromium
CVE-2018-18557libtiff: Out-of-bounds write in tif_jbig.c [fedora-all]
Add
libtiff
CVE-2018-18661libtiff: tiff2bw tool failed memory allocation leads to crash [fedora-all]
Add
libtiff
CVE-2018-18820icecast: buffer overflow in URL auth code
Add
icecast
CVE-2018-18820icecast: buffer overflow in URL auth code [epel-all]
Add
icecast
CVE-2018-16845nginx: Denial of service and memory disclosure via mp4 module [fedora-all]
Add
nginx
CVE-2018-16844nginx: Excessive CPU usage via flaw in HTTP/2 implementation [fedora-all]
Add
nginx
CVE-2018-16843nginx: Excessive memory consumption via flaw in HTTP/2 implementation [fedora-all]
Add
nginx
CVE-2018-19387tmux: NULL Pointer Dereference in format_cb_pane_tabs in format.c
Add
tmux
CVE-2018-19387tmux: NULL Pointer Dereference in format_cb_pane_tabs in format.c [fedora-all]
Add
tmux
CVE-2018-17097soundtouch: Double free in WavFileBase class in WavFile.cpp [fedora-all]
Add
soundtouch
CVE-2018-17096soundtouch: Assertion failure in BPMDetect class in BPMDetect.cpp [fedora-all]
Add
soundtouch
CVE-2018-17098soundtouch: Heap corruption in WavFileBase class in WavFile.cpp [fedora-all]
Add
soundtouch
CVE-2018-19120kio-extras: HTML Thumbnailer automatic remote file access
Add
kio-extras
CVE-2018-19120kio-extras: HTML Thumbnailer automatic remote file access [fedora-all]
Add
kio-extras
xml-security-c: null pointer dereference in xml-security-c
Add
xml-security-c
xml-security-c: null pointer dereference in xml-security-c [fedora-all]
Add
xml-security-c
CVE-2018-3133CVE-2018-3143CVE-2018-3144CVE-2018-3155CVE-2018-3156CVE-2018-3161CVE-2018-3162CVE-2018-3171CVE-2018-3173CVE-2018-3185CVE-2018-3187CVE-2018-3200CVE-2018-3247CVE-2018-3251... community-mysql: various flaws [fedora-all]
Add
community-mysql
CVE-2018-18710kernel: Information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c
Add
kernel
CVE-2018-18751gettext: double free in default_add_message in read-catalog.c [fedora-all]
Add
gettext
CVE-2018-18710kernel: Information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c [fedora-all]
Add
kernel
CVE-2018-16058wireshark: Bluetooth AVDTP dissector crash
Add
wireshark
CVE-2018-16056wireshark: Bluetooth Attribute Protocol dissector crash
Add
wireshark
CVE-2018-16057wireshark: Radiotap dissector crash
Add
wireshark
CVE-2018-16056CVE-2018-16057CVE-2018-16058wireshark: various flaws [fedora-all]
Add
wireshark
CVE-2018-12086CVE-2018-18225CVE-2018-18226CVE-2018-18227wireshark: various flaws [fedora-all]
Add
wireshark
CVE-2018-16468rubygem-loofah: XXS when a crafted SVG element is republished
Add
rubygem-loofah
CVE-2018-16468rubygem-loofah: XXS when a crafted SVG element is republished [fedora-all]
Add
rubygem-loofah
CVE-2018-16470rubygem-rack: Buffer size in multipart parser allows for denial of service
Add
rubygem-rack
CVE-2018-16470rubygem-rack: Buffer size in multipart parser allows for denial of service [fedora-all]
Add
rubygem-rack
CVE-2018-16471rubygem-rack: Cross-site scripting (XSS) via `scheme` method on `Rack::Request`
Add
rubygem-rack
CVE-2018-16471rubygem-rack: Cross-site scripting (XSS) via `scheme` method on `Rack::Request` [fedora-all]
Add
rubygem-rack
CVE-2014-10077rubygem-i18n: denial of service in Hash#slice in lib/i18n/core_ext/hash.rb
Add
rubygem-i18n
CVE-2014-10077rubygem-i18n: denial of service in Hash#slice in lib/i18n/core_ext/hash.rb [fedora-all]
Add
rubygem-i18n
myrepos: Missing URL sanitization in webcheckout [epel-7]
Add
myrepos
CVE-2018-10851pdns: Memory leak while parsing malformed records
Add
pdns
CVE-2018-14626pdns: Packet cache pollution via crafted query
Add
pdns
CVE-2018-14626pdns: Packet cache pollution via crafted query [epel-all]
Add
pdns
CVE-2018-10851pdns: Memory leak while parsing malformed records [epel-all]
Add
pdns
CVE-2018-19486git: Improper handling of PATH allows for commands to executed from current directory
Add
git
CVE-2018-19486git: Improper handling of PATH allows for commands to executed from current directory [fedora-all]
Add
git
Wireshark vulnerability wnpa-sec-2018-51
Add
Wireshark
Wireshark vulnerability wnpa-sec-2018-52
Add
Wireshark
Wireshark vulnerability wnpa-sec-2018-53
Add
Wireshark
Wireshark vulnerability wnpa-sec-2018-54
Add
Wireshark
Wireshark vulnerability wnpa-sec-2018-55
Add
Wireshark
Wireshark vulnerability wnpa-sec-2018-56
Add
Wireshark
Wireshark vulnerability wnpa-sec-2018-57
Add
Wireshark
RHSA-2018:3521: java-11-openjdk security update (Critical)
Add
OpenJDK
RHSA-2018:3522: spice-server security update (Important)
Add
spice
RHSA-2018:3531: thunderbird security update (Important)
Add
Thunderbird
RHSA-2018:3532: thunderbird security update (Important)
Add
Thunderbird
RHSA-2018:3650: ghostscript security update (Important)
Add
ghostscript
RHSA-2018:3651: kernel security, bug fix, and enhancement update (Moderate)
Add
kernel
RHSA-2018:3663: sos-collector security update (Moderate)
Add
sos-collector
RHSA-2018:3665: NetworkManager security update (Important)
Add
systemd
RHSA-2018:3666: kernel-rt security and bug fix update (Moderate)
Add
kernel
Microarchitecture timing vulnerability in ECC scalar multiplication
Add
OpenSSL
libxkbcommon vulnerabilities
Add
libxkbcommon - library interface to the XKB compiler - development files
openssh vulnerabilities
Add
openssh - secure shell (SSH) for secure access to remote machines
ppp vulnerability
Add
ppp - Point-to-Point Protocol (PPP)
spamassassin vulnerabilities
Add
spamassassin - Perl-based spam filter using text analysis
nginx vulnerabilities
Add
nginx - small, powerful, scalable web/proxy server
pyopenssl vulnerabilities
Add
pyopenssl - Python wrapper around the OpenSSL library
libmspack vulnerabilities
Add
libmspack - library for Microsoft compression formats
clamav vulnerabilities
Add
clamav - Anti-virus utility for Unix
gettext vulnerability
Add
gettext - GNU Internationalization utilities
systemd vulnerabilities
Add
systemd - system and service manager
python2.7, python3.4, python3.5 vulnerabilities
Add
python2.7 - An interactive high-level object-oriented language,python3.5 - An interactive high-level object-oriented language,python3.4 - An interactive high-level object-oriented language
postgresql-10 vulnerability
Add
postgresql-10 - Object-relational SQL database
linux-azure vulnerabilities
Add
linux-azure - Linux kernel for Microsoft Azure Cloud systems
linux vulnerabilities
Add
linux - Linux kernel
systemd vulnerability
Add
systemd - system and service manager
openjdk-7 vulnerabilities
Add
openjdk-7 - Open Source Java implementation
libapache2-mod-perl2 vulnerability
Add
libapache2-mod-perl2 - Integration of perl with the Apache2 web server
PostgreSQL: SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER ... REFERENCING.
Add
PostgreSQL
Security patch #77153 available for PHP
Add
PHP
Security patch #74886 available for PHP
Add
PHP