Endpoint Vuln Protection

Name Status Update
CVE-2020-7595libxml2: infinite loop in a certain end-of-file situation [fedora-all]
Add
libxml2
CVE-2019-20388libxml2: memory leak in xmlSchemaPreRun in xmlschemas.c [fedora-all]
Add
libxml2
CVE-2020-7237cacti: remote code execution due to input validation in Performance Boost Debug Log
Add
cacti
CVE-2020-7237cacti: remote code execution due to input validation in Performance Boost Debug Log [fedora-all]
Add
cacti
CVE-2019-15605nodejs: HTTP request smuggling using malformed Transfer-Encoding header [fedora-all]
Add
nodejs
CVE-2019-15605nodejs: HTTP request smuggling using malformed Transfer-Encoding header
Add
nodejs
CVE-2019-14868ksh: environment variables on startup are interpreted as arithmetic expression leading to code injection [fedora-all]
Add
ksh
CVE-2020-5208ipmitool: Buffer overflow in read_fru_area_section function in lib/ipmi_fru.c
Add
ipmitool
CVE-2020-5208ipmitool: Buffer overflow in read_fru_area_section function in lib/ipmi_fru.c [fedora-all]
Add
ipmitool
CVE-2020-1712systemd: use-after-free when asynchronous polkit queries are performed [fedora-all]
Add
systemd
CVE-2019-20386systemd: a memory leak was discovered in button_open in login/logind-button.c when executing the udevadm trigger command [fedora-30]
Add
systemd
CVE-2019-19590radare2: integer overflow in for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c [fedora-all]
Add
radare2
CVE-2019-19647radare2: improper variable validation in r_asm_pseudo_incbin in libr/asm/asm.c leads to DoS [fedora-all]
Add
radare2
CVE-2019-19647radare2: improper variable validation in r_asm_pseudo_incbin in libr/asm/asm.c leads to DoS [epel-7]
Add
radare2
CVE-2019-16718radare2: command injection vulnerability in bin_symbols() in libr/core/cbin.c [epel-7]
Add
radare2
CVE-2019-19590radare2: integer overflow in for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c [epel-7]
Add
radare2
CVE-2019-20176pure-ftpd: stack exhaustion in function listdir in ls.c [epel-all]
Add
pure-ftpd
CVE-2020-8112openjpeg2: openjpeg: heap based buffer overflow in pj_t1_clbl_decode_processor in openjp2/t1.c [fedora-all]
Add
openjpeg2
CVE-2019-19911python-pillow: Out of memory issue in FpxImagePlugin.py [fedora-all]
Add
python-pillow
CVE-2019-12418tomcat: local privilege escalation [epel-all]
Add
tomcat
CVE-2019-17563tomcat: session fixation when using FORM authentication [epel-all]
Add
tomcat
CVE-2019-14494poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc
Add
poppler
CVE-2019-14494poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc [fedora-all]
Add
poppler
Security Vulnerabilities fixed in Thunderbird 68.5
Add
Thunderbird
CVE-2020-9391kernel: brk discards top byte of addresses on aarch64, causing heap corruption in glibc malloc
Add
kernel
CVE-2020-8945proglottis/gpgme: Use-after-free in GPGME bindings during container image pull
Add
gpgme
CVE-2020-8945skopeo: proglottis/gpgme: Use-after-free in GPGME bindings during container image pull [fedora-all]
Add
skopeo
CVE-2015-9542pam_radius: buffer overflow in password field
Add
pam_radius
CVE-2015-9542pam_radius: buffer overflow in password field [epel-6]
Add
pam_radius
CVE-2018-20060python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure
Add
python-urllib3
CVE-2019-17358cacti: unsafe deserialization of user-controlled data
Add
cacti
CVE-2019-17358cacti: unsafe deserialization of user-controlled data [epel-all]
Add
cacti
CVE-2020-7106cacti: XSS due to lack of escaping on some pages
Add
cacti
CVE-2020-7106cacti: XSS due to lack of escaping on some pages [epel-all]
Add
cacti
CVE-2020-7237cacti: remote code execution due to input validation in Performance Boost Debug Log [epel-all]
Add
cacti
CVE-2020-6750glib: Mishandling of proxy_addr field in GSocketClient may lead to proxy being ignored
Add
glib
CVE-2020-6750glib2: glib: Mishandling of proxy_addr field in GSocketClient may lead to proxy being ignored [fedora-all]
Add
glib2
Security Vulnerabilities fixed in Firefox 73
Add
Firefox
webkit2gtk vulnerabilities
Add
webkit2gtk - Web content engine library for GTK+
clamav vulnerability
Add
clamav - Anti-virus utility for Unix
firefox vulnerabilities
Add
firefox - Mozilla Open Source web browser
mariadb-10.1, mariadb-10.3 vulnerability
Add
mariadb-10.3 - MariaDB database,mariadb-10.1 - MariaDB database
python-reportlab vulnerability
Add
python-reportlab - library to create PDF documents
mesa vulnerability
Add
mesa - free implementation of the EGL API
exiv2 vulnerability
Add
exiv2 - EXIF/IPTC/XMP metadata manipulation tool
systemd vulnerabilities
Add
systemd - system and service manager
OpenSMTPD vulnerability
Add
opensmtpd - secure, reliable, lean, and easy-to configure SMTP server
mbedtls vulnerabilities
Add
mbedtls - lightweight crypto and SSL/TLS library - crypto library
qemu vulnerabilities
Add
qemu - Machine emulator and virtualizer
Security Vulnerability CVE-2019-13117 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2019-13117 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2019-13118 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2019-13118 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2019-16168 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2019-16168 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2570 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2572 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2573 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2574 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2577 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2579 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2580 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2583 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2583 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2584 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2585 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2585 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2588 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2589 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2590 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2590 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2593 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2593 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2601 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2601 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2604 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2604 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2627 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2654 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2654 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2655 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2655 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2659 in Oracle JRE
Add
Java JRE
Security Vulnerability CVE-2020-2659 in Oracle JDK
Add
Java JDK
Security Vulnerability CVE-2020-2660 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2679 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2686 in MySQL
Add
MySQL Server
Security Vulnerability CVE-2020-2694 in MySQL
Add
MySQL Server
Security patch #79221 available for PHP
Add
PHP
Security patch #79082 available for PHP
Add
PHP
Security Vulnerability CVE-2020-6379 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6378 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6399 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6398 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6395 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6394 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6397 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6396 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6391 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6390 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6393 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6392 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6409 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6408 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6401 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6400 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6403 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6402 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6405 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6404 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6407 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6406 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6388 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6389 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6386 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6387 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6384 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6385 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6382 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6383 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6380 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6381 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6418 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6412 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6413 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6410 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6411 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6416 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6414 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6417 for Google Chrome
Add
Google Chrome
Security Vulnerability CVE-2020-6415 for Google Chrome
Add
Google Chrome
CVE-2019-19232sudo: attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user [fedora-all]
Add
sudo
CVE-2019-19234sudo: by using ! character in the shadow file instead of a password hash can access to a run as all sudoer account [fedora-all]
Add
sudo
CVE-2019-18634sudo: Stack based buffer overflow in when pwfeedback is enabled [fedora-all]
Add
sudo
CVE-2020-2732Kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources
Add
Kernel
CVE-2020-2732kernel: kvm: nVMX: L2 guest may trick the L0 hypervisor to access sensitive L1 resources [fedora-all]
Add
kernel
CVE-2020-1702cri-o: containers/image: Container images read entire image manifest into memory [fedora-31]
Add
cri-o
CVE-2020-8945cri-o:1.14/cri-o: proglottis/gpgme: Use-after-free in GPGME bindings during container image pull [fedora-all]
Add
cri-o
CVE-2019-20477PyYAML: command execution through python/object/apply constructor in FullLoader
Add
PyYAML
CVE-2019-20477PyYAML: command execution through python/object/apply constructor in FullLoader [fedora-all]
Add
PyYAML
CVE-2019-15587rubygem-loofah: XXS when a crafted SVG element is republished
Add
rubygem-loofah
CVE-2019-15587rubygem-loofah: XXS when a crafted SVG element is republished [fedora-all]
Add
rubygem-loofah
CVE-2019-16789python-waitress: waitress: HTTP Request Smuggling through Invalid whitespace characters in headers [fedora-all]
Add
python-waitress
CVE-2019-16786python-waitress: waitress: HTTP request smuggling through invalid Transfer-Encoding [fedora-all]
Add
python-waitress
CVE-2019-16785python-waitress: waitress: HTTP request smuggling through LF vs CRLF handling [fedora-all]
Add
python-waitress
CVE-2020-7105hiredis: NULL pointer dereference in async.c and dict.c in libhiredis.a [epel-all]
Add
hiredis
CVE-2020-7105hiredis: NULL pointer dereference in async.c and dict.c in libhiredis.a [fedora-all]
Add
hiredis
libpam-radius-auth vulnerability
Add
libpam-radius-auth - The PAM RADIUS authentication module
squid, squid3 vulnerabilities
Add
squid - Web proxy cache server,squid3 - Web proxy cache server
ppp vulnerability
Add
ppp - Point-to-Point Protocol (PPP)
php7.0 regression
Add
php7.0 - HTML-embedded scripting language interpreter
CVE-2020-1739ansible: svn module leaks password when specified as a parameter [epel-all]
Add
ansible
CVE-2020-1737ansible: Extract-Zip function in win_unzip module does not check extracted path [epel-all]
Add
ansible
CVE-2018-8007couchdb: Administrative Privilege Escalation [fedora-all]
Add
couchdb
CVE-2018-11769couchdb: Possible privilege escalation by couchdb administrator to system couchdb user [fedora-all]
Add
couchdb
CVE-2018-17188couchdb: Remote Privilege Escalations [fedora-all]
Add
couchdb
CVE-2019-19274python3-typed_ast: out-of-bounds read in handle_keywordonly_args() function [fedora-30]
Add
python3-typed_ast
CVE-2019-19275python3-typed_ast: out-of-bounds read in ast_for_arguments() function [fedora-30]
Add
python3-typed_ast
monit: Use-after-free in function _handleEvent()
Add
monit
monit: Use-after-free in function _handleEvent() [epel-all]
Add
monit
monit: Multiple issues fixed in 5.25.3
Add
monit
monit: Multiple issues fixed in 5.25.3 [epel-all]
Add
monit
monit: Multiple vulnerabilities fixed in monit 5.25.3
Add
monit
monit: Multiple vulnerabilities fixed in monit 5.25.3 [epel-all]
Add
monit
CVE-2019-11455monit: buffer over-read in function Util_urlDecode in util.c
Add
monit
CVE-2019-11454monit: cross-site scripting (XSS) in http/cervlet.c
Add
monit
CVE-2019-11454CVE-2019-11455monit: various flaws [epel-all]
Add
monit
CVE-2020-8945podman: proglottis/gpgme: Use-after-free in GPGME bindings during container image pull [fedora-all]
Add
podman
CVE-2020-8813cacti: remote code can be executed when guest users have access to realtime graphs
Add
cacti
CVE-2020-8813cacti: remote code can be executed when guest users have access to realtime graphs [fedora-all]
Add
cacti
CVE-2020-7247opensmtpd: arbitrary commands execution in smtp_mailaddr in smtp_session.c via crafted SMTP session [epel-all]
Add
opensmtpd
CVE-2020-8793opensmtpd: Reading of arbitrary file by unprivileged attacker can result in information disclosure or privilege escalation [epel-all]
Add
opensmtpd
CVE-2020-8794opensmtpd: An out-of-bounds read could lead to remote code execution [epel-all]
Add
opensmtpd
CVE-2019-20044zsh: insecure dropping of privileges when unsetting PRIVILEGED option [fedora-all]
Add
zsh
CVE-2020-9273proftpd: use-after-free in alloc_pool in pool.c
Add
proftpd
CVE-2020-8597ppp: Buffer overflow in the eap_request and eap_response functions in eap.c
Add
ppp
CVE-2020-8597ppp: Buffer overflow in the eap_request and eap_response functions in eap.c [fedora-all]
Add
ppp
Security Vulnerabilities fixed in Thunderbird 68.6
Add
Thunderbird
Security Vulnerabilities fixed in Firefox ESR 68.6
Add
Firefox ESR
Security Vulnerabilities fixed in Firefox 74
Add
Firefox
rsync vulnerabilities
Add
rsync - fast, versatile, remote (and local) file-copying tool
VMwareHorizon Client, VMRC,VMware Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities (CVE-2019-5543,CVE-2020-3947, CVE-2020-3948)
Add
VMware Workstation Player
CRYPTO-NAK DoS for NetworkTimeFoundation NTP
Mod
NTP
Base64 decode issue of OpenSSL
Mod
OpenSSL
rsaz_1024_mul_avx2 overflow bug on x86_64
Mod
OpenSSL
qemu update - Machine emulator and virtualizer
Mod
qemu - Machine emulator and virtualizer
Libvirt virtualization toolkit (libvirt) update
Mod
libvirt - Libvirt virtualization toolkit
Machine emulator and virtualizer (qemu) security update
Mod
qemu - Machine emulator and virtualizer
Machine emulator and virtualizer (qemu) security update
Mod
qemu - Machine emulator and virtualizer
Small caching DNS proxy and DHCP/TFTP server dnsmasq security update
Mod
dnsmasq - Small caching DNS proxy and DHCP/TFTP server
read/write NTFS driver for FUSE ntfs-3g security update
Mod
ntfs-3g - read/write NTFS driver for FUSE
Libvirt virtualization toolkit libvirt security update
Mod
libvirt - Libvirt virtualization toolkit
Document viewer evince security update
Mod
evince - Document viewer