Endpoint Vuln Protection

| Name | Status | Update |
|---|---|---|
| CVE-2019-19332 kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid [fedora-all] | Add | kernel |
| CVE-2019-19332 Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid | Add | Kernel |
| CVE-2019-13725 CVE-2019-13726 CVE-2019-13727 CVE-2019-13728 CVE-2019-13729 CVE-2019-13730 CVE-2019-13732 CVE-2019-13734 CVE-2019-13735 CVE-2019-13736 CVE-2019-13737 CVE-2019-13738 CVE-2019-13739 CVE-2019-13740... chromium: various flaws [fedora-all] | Add | chromium |
| CVE-2019-13753 sqlite: fts3: incorrectly removed corruption check | Add | sqlite |
| CVE-2019-13751 sqlite: fts3: improve detection of corrupted records | Add | sqlite |
| CVE-2019-13752 sqlite: fts3: improve shadow table corruption detection | Add | sqlite |
| CVE-2019-13750 sqlite: dropping of shadow tables not restricted in defensive mode | Add | sqlite |
| CVE-2019-13734 sqlite: fts3: improve shadow table corruption detection | Add | sqlite |
| CVE-2019-13744 chromium: chromium-browser: Insufficient policy enforcement in cookies [fedora-all] | Add | chromium |
| CVE-2019-13758 chromium: chromium-browser: Insufficient policy enforcement in navigation [fedora-all] | Add | chromium |
| CVE-2019-19583 xen: denial of service in HVM/PVH guest userspace code (XSA-308) [fedora-all] | Add | xen |
| CVE-2019-19578 xen: privilege escalation due to malicious PV guest (XSA-309) [fedora-all] | Add | xen |
| CVE-2019-19580 xen: Further issues with restartable PV type change operations (XSA-310) [fedora-all] | Add | xen |
| CVE-2019-19577 xen: vulnerability in dynamic height handling for AMD IOMMU pagetables (XSA-311 v2) [fedora-all] | Add | xen |
| CVE-2019-19583 xen: denial of service in HVM/PVH guest userspace code (XSA-308) | Add | xen |
| CVE-2019-19578 xen: privilege escalation due to malicious PV guest (XSA-309) | Add | xen |
| CVE-2019-19580 xen: Further issues with restartable PV type change operations (XSA-310) | Add | xen |
| CVE-2019-19577 xen: vulnerability in dynamic height handling for AMD IOMMU pagetables (XSA-311 v2) | Add | xen |
| CVE-2019-19582 xen: denial of service in find_next_bit() (XSA-307) [fedora-all] | Add | xen |
| CVE-2019-19582 xen: denial of service in find_next_bit() (XSA-307) | Add | xen |
| CVE-2019-16723 cacti: Authentication bypass via graph_json.php request | Add | cacti |
| CVE-2019-16723 cacti: Authentication bypass via graph_json.php request [fedora-all] | Add | cacti |
| CVE-2019-14889 libssh: unsanitized location in scp could lead to unwanted command execution [fedora-all] | Add | libssh |
| libgit2: Out-of-bounds write via commits with large number of parents [fedora-all] | Add | libgit2 |
| CVE-2019-18397 fribidi: buffer overflow in fribidi_get_par_embedding_levels_ex() in lib/fribidi-bidi.c leading to denial of service and possible code execution | Add | fribidi |
| CVE-2019-18397 fribidi: stack based buffer overflow in function fribidi_get_par_embedding_levels_ex() in lib/fribidi-bidi.c leads to denial of service [fedora-all] | Add | fribidi |
| CVE-2019-1354 git: Git does not refuse to write out tracked files with backslashes in filenames [fedora-all] | Add | git |
| CVE-2019-1353 git: NTFS protections inactive when running Git in the Windows Subsystem for Linux | Add | git |
| CVE-2019-19604 git: Recursive clone followed by a submodule update could execute code contained within repository without the user's explicit consent [fedora-all] | Add | git |
| CVE-2019-1354 git: Git does not refuse to write out tracked files with backslashes in filenames | Add | git |
| CVE-2019-19604 git: Recursive clone followed by a submodule update could execute code contained within repository without the user's explicit consent | Add | git |
| CVE-2019-1353 git: NTFS protections inactive when running Git in the Windows Subsystem for Linux [fedora-all] | Add | git |
| CVE-2019-1352 git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams [fedora-all] | Add | git |
| CVE-2019-1351 git: Git mistakes some paths for relative paths allowing writing outside of the worktree while cloning | Add | git |
| CVE-2019-1352 git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams | Add | git |
| CVE-2019-1351 git: Git mistakes some paths for relative paths allowing writing outside of the worktree while cloning [fedora-all] | Add | git |
| CVE-2019-1350 git: Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone | Add | git |
| CVE-2019-1350 git: Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone [fedora-all] | Add | git |
| CVE-2019-1348 git: Arbitrary path overwriting via export-marks command option [fedora-all] | Add | git |
| CVE-2019-1349 git: recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ [fedora-all] | Add | git |
| CVE-2019-1387 git: Remote code execution in recursive clones with nested submodules | Add | git |
| CVE-2019-1349 git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/ | Add | git |
| CVE-2019-1348 git: Arbitrary path overwriting via export-marks in-stream command feature | Add | git |
| CVE-2019-1387 git: remote code execution in recursive clones with nested submodules [fedora-all] | Add | git |
| CVE-2019-5544 openslp: Heap-based buffer overflow in ProcessSrvRqst() in slpd_process.c leading to remote code execution | Add | openslp |
| CVE-2019-5544 openslp: Heap-based buffer overflow in ProcessSrvRqst() in slpd_process.c leading to remote code execution [fedora-all] | Add | openslp |
| CVE-2019-19331 knot-resolver: DNS packets taking few seconds to process with full CPU utilization leads to DoS [epel-7] | Add | knot-resolver |
| CVE-2018-18074 python3-requests: python-requests: Redirect from HTTPS to HTTP does not remove Authorization header [epel-7] | Add | python3-requests |
| CVE-2019-19269 proftpd: NULL pointer dereference when validating the certificate of a client connecting to the server [epel-7] | Add | proftpd |
| CVE-2019-19272 proftpd: NULL pointer dereference in tls_verify_crl when validating the certificate of a client | Add | proftpd |
| CVE-2019-19272 proftpd: NULL pointer dereference in tls_verify_crl when validating the certificate of a client [epel-all] | Add | proftpd |
| CVE-2019-19271 proftpd: A wrong iteration variable, used when checking a client certificate against CRL entries, can cause some CRL entries to be ignored | Add | proftpd |
| CVE-2019-19271 proftpd: A wrong iteration variable, used when checking a client certificate against CRL entries, can cause some CRL entries to be ignored [epel-all] | Add | proftpd |
| CVE-2019-19270 proftpd: failure to check for the appropriate field of a CRL entry prevents some valid CRLs from being taken into account [epel-all] | Add | proftpd |
| CVE-2019-19269 proftpd: NULL pointer dereference when validating the certificate of a client connecting to the server [epel-6] | Add | proftpd |
| python-django vulnerability | Add | python-django - High-level Python web development framework |
| graphicsmagick vulnerabilities | Add | graphicsmagick - collection of image processing tools |
| Security patch #78910 available for PHP | Add | PHP |
| CVE-2019-11324 python-pip: python-urllib3: Certification mishandle when error should be thrown [fedora-all] | Add | python-pip |
| CVE-2019-11236 python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service | Add | python-urllib3 |
| CVE-2019-11236 python-pip: python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service [fedora-all] | Add | python-pip |
| CVE-2019-19722 dovecot: null pointer dereference in push notification driver | Add | dovecot |
| CVE-2019-19722 dovecot: null pointer dereference in push notification driver [fedora-all] | Add | dovecot |
| CVE-2019-13767 chromium: chromium-browser: Use after free in media picker [epel-7] | Add | chromium |
| CVE-2019-13725 CVE-2019-13726 CVE-2019-13727 CVE-2019-13728 CVE-2019-13729 CVE-2019-13730 CVE-2019-13732 CVE-2019-13734 CVE-2019-13735 CVE-2019-13736 CVE-2019-13737 CVE-2019-13738 CVE-2019-13739 CVE-2019-13740... chromium: various flaws [epel-7] | Add | chromium |
| CVE-2019-5842 chromium: chromium-browser: Use-after-free in Blink [epel-7] | Add | chromium |
| CVE-2019-13758 chromium: chromium-browser: Insufficient policy enforcement in navigation [epel-7] | Add | chromium |
| CVE-2019-13744 chromium: chromium-browser: Insufficient policy enforcement in cookies [epel-7] | Add | chromium |
| CVE-2019-13767 chromium: chromium-browser: Use after free in media picker [fedora-all] | Add | chromium |
| CVE-2019-2938 CVE-2019-2974 mariadb:10.4/mariadb: various flaws [fedora-all] | Add | mariadb |
| CVE-2018-18074 python3-requests: python-requests: Redirect from HTTPS to HTTP does not remove Authorization header [epel-6] | Add | python3-requests |
| CVE-2018-18074 python-requests: Redirect from HTTPS to HTTP does not remove Authorization header | Add | python-requests |
| Security Vulnerabilities fixed in Firefox 72.0.1 and Firefox ESR 68.4.1 | Add | Firefox |
| Security Vulnerabilities fixed in Firefox 72.0.1 and Firefox ESR 68.4.1 | Add | Firefox ESR |
| Security Vulnerabilities fixed in Firefox ESR 68.4 | Add | Firefox ESR |
| Security Vulnerabilities fixed in Firefox 72 | Add | Firefox |
| Security Vulnerabilities fixed in Thunderbird 68.4.1 | Add | Thunderbird |
| firefox vulnerabilities | Add | firefox - Mozilla Open Source web browser |
| gnutls28 update | Add | gnutls28 - GNU TLS library |
| graphicsmagick vulnerabilities | Add | graphicsmagick - collection of image processing tools |
| clamav vulnerability | Add | clamav - Anti-virus utility for Unix |
| Security Vulnerability CVE-2019-13765 for Google Chrome | Add | Google Chrome |
| Security Vulnerability CVE-2019-13766 for Google Chrome | Add | Google Chrome |
| Security Vulnerability CVE-2019-5844 for Google Chrome | Add | Google Chrome |
| Security Vulnerability CVE-2019-5845 for Google Chrome | Add | Google Chrome |
| Security Vulnerability CVE-2019-5846 for Google Chrome | Add | Google Chrome |
| CVE-2020-6377 chromium: chromium-browser: Use after free in audio [fedora-all] | Add | chromium |
| CVE-2019-9232 libvpx: Out of bounds read in vp8_norm table | Add | libvpx |
| CVE-2019-9433 libvpx: Use-after-free in vp8_deblock() in vp8/common/postproc.c | Add | libvpx |
| CVE-2019-9325 libvpx: Out-of-bounds read in decoder_peek_si_internal() in vp9/vp9_dx_iface.c | Add | libvpx |
| CVE-2019-9371 libvpx: Resource exhaustion after memory leak in mkvparser.cc | Add | libvpx |
| CVE-2019-2126 libvpx: Double free in ParseContentEncodingEntry() in mkvparser.cc | Add | libvpx |
| CVE-2019-17632 jetty: generation of default unhandled error response content does not escape exception messages in stacktraces included in error output | Add | jetty |
| CVE-2019-17632 jetty: generation of default unhandled error response content does not escape exception messages in stacktraces included in error output [fedora-all] | Add | jetty |
| CVE-2019-1010315 wavpack: divide by zero in ParseDsdiffHeaderConfig leads to crash | Add | wavpack |
| CVE-2010-2247 makepasswd: default setting generates insecure passwords [fedora-all] | Add | makepasswd |
| CVE-2018-1002102 kubernetes: improper validation of URL redirection in the Kubernetes API server allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints [fedora-all] | Add | kubernetes |
| CVE-2019-15139 GraphicsMagick: ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c [fedora-all] | Add | GraphicsMagick |
| CVE-2019-15139 ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c | Add | ImageMagick |
| CVE-2018-9018 GraphicsMagick: divide-by-zero in the ReadMNGImage function in coders/png.c | Add | GraphicsMagick |
| CVE-2018-9018 GraphicsMagick: divide-by-zero in the ReadMNGImage function in coders/png.c [fedora-all] | Add | GraphicsMagick |
| CVE-2019-13107 matio: multiple integer overflow in mat.c, mat4.c, mat5.c, mat73.c and matvar_struct.c [fedora-all] | Add | matio |
| CVE-2019-19630 htmldoc: crafted HTML document allows for a stack-based buffer overflow in the hd_strlcpy() function in string.c [epel-all] | Add | htmldoc |
| CVE-2019-19630 htmldoc: crafted HTML document allows for a stack-based buffer overflow in the hd_strlcpy() function in string.c [fedora-all] | Add | htmldoc |
| CVE-2019-16723 cacti: Authentication bypass via graph_json.php request [epel-all] | Add | cacti |
| CVE-2019-17357 cacti: SQL Injection in graphs.php [epel-all] | Add | cacti |
| CVE-2019-17357 cacti: SQL Injection in graphs.php | Add | cacti |
| nginx vulnerability | Add | nginx - small, powerful, scalable web/proxy server |
| Security Vulnerability CVE-2020-6377 for Google Chrome | Add | Google Chrome |