Endpoint Vuln Protection

Name Status Update
CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration
Add
kernel
CVE-2019-1563 openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey [fedora-all]
Add
openssl
CVE-2019-1549 openssl: information disclosure in fork() [fedora-all]
Add
openssl
CVE-2019-1547 openssl: side-channel weak encryption vulnerability [fedora-all]
Add
openssl
CVE-2019-15903 expat: heap-based buffer over-read via crafted XML input [fedora-all]
Add
expat
CVE-2019-15903 expat: heap-based buffer over-read via crafted XML input
Add
expat
CVE-2019-14379 jackson-databind: default typing mishandling leading to remote code execution [fedora-all]
Add
jackson-databind
CVE-2019-12384 jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution [fedora-all]
Add
jackson-databind
CVE-2019-12814 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. [fedora-all]
Add
jackson-databind
CVE-2019-12086 jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. [fedora-all]
Add
jackson-databind
CVE-2019-14439 jackson-databind: Polymorphic typing issue related to logback/JNDI [fedora-all]
Add
jackson-databind
CVE-2019-14822 ibus: missing authorization allows local attacker to access the input bus of another user
Add
ibus
CVE-2019-14822 ibus: missing authorization allows local attacker to access the input bus of another user [fedora-all]
Add
ibus
CVE-2019-5482 curl: heap buffer overflow in function tftp_receive_packet() [fedora-all]
Add
curl
CVE-2019-5481 curl: double free due to subsequent call of realloc() [fedora-all]
Add
curl
CVE-2019-16159 bird: incorrect logical expression when checking the validity of an input message leads to stack-based buffer overflow
Add
bird
CVE-2019-16159 bird: incorrect logical expression when checking the validity of an input message leads to stack-based buffer overflow [fedora-all]
Add
bird
CVE-2019-1543 compat-openssl10: openssl: ChaCha20-Poly1305 with long nonces [fedora-all]
Add
compat-openssl10
CVE-2019-1559 compat-openssl10: openssl: 0-byte record padding oracle [fedora-all]
Add
compat-openssl10
CVE-2019-16056 python34: python: email.utils.parseaddr wrongly parses email addresses [fedora-all]
Add
python34
CVE-2019-10160 python34: python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc [fedora-all]
Add
python34
CVE-2019-13640 qbittorrent: command injection in function Application::runExternalProgram() in app/application.cpp [fedora-all]
Add
qbittorrent
CVE-2019-9133 kmplayer: processing subtitles format media leads to memory out-of-bound read/write [fedora-all]
Add
kmplayer
CVE-2019-10197 samba: Combination of parameters and permissions can allow user to escape from the share path definition
Add
samba
CVE-2019-10197 samba: Combination of parameters and permissions can allow user to escape from the share path definition. [fedora-all]
Add
samba
RHSA-2019:2822: dovecot security update (Important)
Add
dovecot
RHSA-2019:2827: kernel security update (Important)
Add
kernel
RHSA-2019:2828: kernel-rt security update (Important)
Add
kernel
RHSA-2019:2829: kernel security update (Important)
Add
kernel
RHSA-2019:2830: kernel-rt security update (Important)
Add
kernel
RHSA-2019:2836: dovecot security update (Important)
Add
dovecot
RHSA-2019:2773: thunderbird security update (Important)
Add
Thunderbird
RHSA-2019:2798: patch security update (Important)
Add
patch
RHSA-2019:2799: nginx:1.14 security update (Important)
Add
2
RHSA-2019:2807: thunderbird security update (Important)
Add
Thunderbird
RHSA-2019:2808: kernel security update (Important)
Add
Kernel
RHSA-2019:2774: thunderbird security update (Important)
Add
Thunderbird
RHSA-2019:2694: firefox security update (Critical)
Add
firefox
RHSA-2019:2703: kernel security and bug fix update (Important)
Add
kernel
RHSA-2019:2713: poppler security update (Moderate)
Add
poppler
RHSA-2019:2720: pki-deps:10.6 security update (Important)
Add
jackson-databind
RHSA-2019:2722: libwmf security update (Low)
Add
gd
RHSA-2019:2726: go-toolset:rhel8 security and bug fix update (Important)
Add
2
RHSA-2019:2729: firefox security update (Critical)
Add
firefox
RHSA-2019:2731: .NET Core on Red Hat Enterprise Linux security and bug fix update (Moderate)
Add
dotnet
RHSA-2019:2736: kernel security and bug fix update (Important)
Add
kernel
RHSA-2019:2741: kernel-rt security and bug fix update (Important)
Add
Kernel
RHSA-2019:2692: nghttp2 security update (Important)
Add
2
tomcat9 vulnerabilities
Add
tomcat9 - Servlet and JSP engine
wpa vulnerability
Add
wpa - client support for WPA and WPA2
apache2 regression
Add
apache2 - Apache HTTP server
ibus vulnerability
Add
ibus - Intelligent Input Bus - core
Wireshark vulnerabilities
Add
wireshark - network traffic analyzer
VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities. (CVE-2019-5527, CVE-2019-5535)
Add
VMware Workstation Player
Docker Security Advisory: CVE-2015-3631
Add
Docker
Docker Security Advisory: CVE-2015-3627
Add
Docker
Docker Security Advisory: CVE-2016-3697
Add
Docker
Docker Security Advisory: CVE-2018-10892
Add
Docker
Docker Security Advisory: CVE-2014-6407
Add
Docker
Docker Security Advisory: CVE-2019-5736
Add
Docker
Docker Security Advisory: CVE-2014-0047
Add
Docker
Docker Security Advisory: CVE-2019-15752
Add
Docker
Docker Security Advisory: CVE-2014-5277
Add
Docker
Docker Security Advisory: CVE-2016-9962
Add
Docker
Docker Security Advisory: CVE-2015-3630
Add
Docker
Docker Security Advisory: CVE-2014-9358
Add
Docker
Docker Security Advisory: CVE-2019-14271
Add
Docker
Docker Security Advisory: CVE-2019-13509
Add
Docker
Docker Security Advisory: CVE-2019-13139
Add
Docker
Docker Security Advisory: CVE-2014-5282
Add
Docker
Docker Security Advisory: CVE-2017-14992
Add
Docker
CVE-2019-13132 zeromq: stack-overflow on any server protected by encryption/authentication
Add
zeromq
CVE-2019-13132 zeromq: stack-overflow on any server protected by encryption/authentication [fedora-all]
Add
zeromq
CVE-2019-12816 znc: invalid encoding leading to remote code execution [epel-7]
Add
znc
CVE-2019-12816 znc: invalid encoding leading to remote code execution [fedora-all]
Add
znc
CVE-2019-14821 kernel: KVM: OOB memory access via mmio ring buffer [fedora-all]
Add
kernel
CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer
Add
Kernel
CVE-2019-3839 ghostscript: missing attack vector protections for CVE-2019-6116 [fedora-all]
Add
ghostscript
CVE-2019-14817 ghostscript: Safer mode bypass by .forceput exposure in .pdfexectoken and other procedures (701450) [fedora-all]
Add
ghostscript
CVE-2019-14811 ghostscript: Safer mode bypass by .forceput exposure in .pdf_hook_DSC_Creator (701445) [fedora-all]
Add
ghostscript
CVE-2019-14812 ghostscript: Safer mode bypass by .forceput exposure in setuserparams (701444) [fedora-all]
Add
ghostscript
CVE-2019-14813 ghostscript: Safer mode bypass by .forceput exposure in setsystemparams (701443) [fedora-all]
Add
ghostscript
CVE-2019-1010228 DCMTK: buffer overflow in DcmRLEDecoder::decompress() leads to possible code execution and denial of service
Add
DCMTK
CVE-2019-1010228 dcmtk: buffer overflow in DcmRLEDecoder::decompress() leads to possible code execution and denial of service [fedora-all]
Add
dcmtk
CVE-2019-12222 SDL2: SDL: out-of-bounds read in function SDL_InvalidateMap in video/SDL_pixels.c [epel-7]
Add
SDL2
CVE-2019-12222 SDL2: SDL: out-of-bounds read in function SDL_InvalidateMap in video/SDL_pixels.c [fedora-all]
Add
SDL2
CVE-2019-12220 SDL2: SDL: out-of-bounds read in function SDL_FreePalette_REAL in video/SDL_pixels.c [fedora-all]
Add
SDL2
CVE-2019-12219 SDL2: SDL: invalid free error in function SDL_SetError_REAL [fedora-all]
Add
SDL2
CVE-2019-12217 SDL2: SDL: null-pointer dereference in function stdio_read in file/SDL_rwops.c [fedora-all]
Add
SDL2
CVE-2019-12216 SDL2: SDL: heap-based buffer overflow in function SDL2_image function IMG_LoadPCX_RW in IMG_pcx.c [fedora-all]
Add
SDL2
CVE-2019-12221 SDL2: SDL: null-pointer dereference in function SDL_free_REAL in stdlib/SDL_malloc.c [fedora-all]
Add
SDL2
CVE-2019-12222 SDL: out-of-bounds read in function SDL_InvalidateMap in video/SDL_pixels.c [fedora-all]
Add
SDL
CVE-2019-12220 SDL: out-of-bounds read in function SDL_FreePalette_REAL in video/SDL_pixels.c [fedora-all]
Add
SDL
CVE-2019-12219 SDL: invalid free error in function SDL_SetError_REAL [fedora-all]
Add
SDL
CVE-2019-12218 SDL: null-pointer dereference in function IMG_LoadPCX_RW in IMG_pcx.c [fedora-all]
Add
SDL
CVE-2019-12217 SDL: null-pointer dereference in function stdio_read in file/SDL_rwops.c [fedora-all]
Add
SDL
CVE-2019-12216 SDL: heap-based buffer overflow in function SDL2_image function IMG_LoadPCX_RW in IMG_pcx.c [fedora-all]
Add
SDL
CVE-2019-12221 SDL: null-pointer dereference in function SDL_free_REAL in stdlib/SDL_malloc.c [fedora-all]
Add
SDL
CVE-2019-13615 libebml: could be made to crash if it opened a specially crafted file
Add
libebml
CVE-2019-13615 libebml: could be made to crash if it opened a specially crafted file [epel-all]
Add
libebml
CVE-2019-16159 bird2: bird: incorrect logical expression when checking the validity of an input message leads to stack-based buffer overflow [epel-all]
Add
bird2
CVE-2019-16159 bird: incorrect logical expression when checking the validity of an input message leads to stack-based buffer overflow [epel-all]
Add
bird
RHSA-2019:2892: qemu-kvm security update (Important)
Add
QEMU
RHSA-2019:2863: kernel security update (Important)
Add
kernel
RHSA-2019:2885: dovecot security update (Important)
Add
dovecot
RHSA-2019:2854: kpatch-patch security update (Important)
Add
kernel
firefox vulnerability
Add
firefox - Mozilla Open Source web browser
file-roller vulnerability
Add
file-roller - archive manager for GNOME
libreoffice vulnerability
Add
libreoffice - Office productivity suite
ibus regression
Add
ibus - Intelligent Input Bus - core
CVE-2019-16928 exim: remotely triggerable buffer overflow in string_vformat() [epel-all]
Add
exim
CVE-2019-16928 exim: remotely triggerable buffer overflow in string_vformat() [fedora-all]
Add
exim
CVE-2019-16928 exim: remotely triggerable buffer overflow in string_vformat()
Add
exim
CVE-2019-11779 mosquitto: malicious MQTT sends SUBSCRIBE packet leads to stack overflow [fedora-all]
Add
mosquitto
CVE-2019-11779 mosquitto: malicious MQTT sends SUBSCRIBE packet leads to stack overflow
Add
mosquitto
CVE-2019-15026 memcached: stack-based buffer over-read in conn_to_str in memcached.c
Add
memcached
CVE-2019-15026 memcached: stack-based buffer over-read in conn_to_str in memcached.c [fedora-all]
Add
memcached
CVE-2019-12922 phpMyAdmin: a CSRF in the setup page allows deletion of server [fedora-all]
Add
phpMyAdmin
CVE-2019-12922 phpMyAdmin: a CSRF in the setup page allows deletion of server
Add
phpMyAdmin
CVE-2019-14809 golang: malformed hosts in URLs leads to authorization bypass
Add
golang
CVE-2019-14809 golang: malformed hosts in URLs leads to authorization bypass [epel-all]
Add
golang
CVE-2019-9514 golang: HTTP/2: flood using HEADERS frames results in unbounded memory growth [epel-all]
Add
golang
CVE-2019-9512 golang: HTTP/2: flood using PING frames results in unbounded memory growth [epel-all]
Add
golang
RHSA-2019:2964: patch security update (Important)
Add
patch
RHSA-2019:2945: kpatch-patch security update (Important)
Add
kernel
clamav vulnerabilities
Add
clamav - Anti-virus utility for Unix
SDL 2.0 vulnerabilities
Add
libsdl2 - Simple DirectMedia Layer: cross-platform development library providing access to low level media interfaces
e2fsprogs vulnerability
Add
e2fsprogs - ext2/ext3/ext4 file system utilities
exim4 vulnerability
Add
exim4 - Exim is a mail transport agent
Security patch #54002 available for PHP
Add
PHP
CVE-2019-17056 kernel: privilege escalation in llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module [fedora-all]
Add
kernel
CVE-2019-17056 kernel: privilege escalation in llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module
Add
kernel
CVE-2019-17055 kernel: privilege escalation in base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module [fedora-all]
Add
kernel
CVE-2019-17055 kernel: privilege escalation in base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module
Add
kernel
CVE-2019-17054 kernel: privilege escalation in atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module [fedora-all]
Add
kernel
CVE-2019-17054 kernel: privilege escalation in atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module
Add
kernel
CVE-2019-17053 kernel: privilege escalation in ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module [fedora-all]
Add
kernel
CVE-2019-17053 kernel: privilege escalation in ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 network module
Add
kernel
CVE-2019-17052 kernel: privilege escalation in ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module [fedora-all]
Add
kernel
CVE-2019-17052 kernel: privilege escalation in ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module
Add
kernel
CVE-2019-16884 runc: AppArmor can be bypassed by a malicious image that specifies a volume at /proc
Add
runc
CVE-2019-16884 runc: AppArmor can be bypassed by a malicious image that specifies a volume at /proc [fedora-all]
Add
runc
CVE-2019-16378 opendmarc: Signature-bypass vulnerability with multiple 'From' addresses [fedora-all]
Add
opendmarc
CVE-2019-12412 libapreq2: libapreq: null pointer dereference in create_multipart_context() [epel-all]
Add
libapreq2
CVE-2019-12412 libapreq2: libapreq: null pointer dereference in create_multipart_context() [fedora-all]
Add
libapreq2
CVE-2019-14745 radare2: a command injection vulnerability in bin_symbols() in libr/core/cbin.c leads to arbitrary code execution [fedora-all]
Add
radare2
CVE-2019-14249 libdwarf: division by zero in dwarf_elf_load_headers.c leading to DoS [fedora-all]
Add
libdwarf
CVE-2019-16943 jackson-databind: Serialization gadgets in classes of the p6spy package [fedora-all]
Add
jackson-databind
CVE-2019-16942 jackson-databind: Serialization gadgets in classes of the commons-dbcp package [fedora-all]
Add
jackson-databind
jackson-databind: Serialization gadgets in classes of the xalan package [fedora-all]
Add
jackson-databind
jackson-databind: Serialization gadgets in classes of the commons-configuration package [fedora-all]
Add
jackson-databind
jackson-databind: Serialization gadgets in classes of the ehcache package [fedora-all]
Add
jackson-databind
CVE-2019-14540 jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariConfig [fedora-all]
Add
jackson-databind
CVE-2019-16335 jackson-databind: polymorphic typing issue related to com.zaxxer.hikari.HikariDataSource [fedora-all]
Add
jackson-databind
CVE-2019-16276 golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling
Add
golang
CVE-2019-16276 golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling [fedora-all]
Add
golang
CVE-2019-1010262 scapy: denial of service in _RADIUSAttrPacketListField [fedora-all]
Add
scapy
CVE-2019-1010142 scapy: lack of input validation in port numbers leads to DoS [fedora-all]
Add
scapy
CVE-2018-19974 CVE-2018-19975 CVE-2018-19976 yara: Multiple issues [epel-all]
Add
yara
CVE-2019-15892 varnish: denial of service handling certain crafted HTTP/1 requests [fedora-all]
Add
varnish
CVE-2019-11779 mosquitto: malicious MQTT sends SUBSCRIBE packet leads to stack overflow [epel-7]
Add
mosquitto
CVE-2019-12222 SDL2: SDL: out-of-bounds read in function SDL_InvalidateMap in video/SDL_pixels.c [fedora-all]
Add
SDL2
CVE-2019-13616 SDL2: SDL: heap-based buffer overflow in SDL blit functions in video/SDL_blit*.c [fedora-all]
Add
SDL2
octavia vulnerability
Add
octavia - OpenStack Load Balancer Service
libsoup2.4 vulnerability
Add
libsoup2.4 - HTTP client/server library for GNOME
python2.7, python3.5, python3.6, python3.7 vulnerabilities
Add
python2.7 - An interactive high-level object-oriented language, python3.7 - An interactive high-level object-oriented language, python3.6 - An interactive high-level object-oriented language, python3.5 - An interactive high-level object-oriented language
thunderbird vulnerabilities
Add
thunderbird - Mozilla Open Source mail and newsgroup client
firefox regression
Add
firefox - Mozilla Open Source web browser
unbound vulnerability
Add
unbound - validating, recursive, caching DNS resolver
openexr vulnerabilities
Add
openexr - command-line tools for the OpenEXR image format