• git://
#Vulnerabilities 4376
Date Id Summary Products Score Patch Annotated
2022-08-17 CVE-2020-14394 An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service. Extra_packages_for_enterprise_linux, Fedora, Qemu, Enterprise_linux, Openstack_platform 3.2
2023-03-01 CVE-2023-1127 Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. Fedora, Vim 7.8
2020-06-03 CVE-2020-10749 A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending rogue IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container. Fedora, Cni_network_plugins, Enterprise_linux, Openshift_container_platform 6.0
2023-03-03 CVE-2022-41862 In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes. Fedora, Postgresql, Enterprise_linux, Integration_camel_k, Integration_camel_quarkus, Integration_service_registry 3.7
2023-03-06 CVE-2022-4904 A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string, which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. C\-Ares, Fedora, Enterprise_linux, Software_collections 8.6
2023-02-04 CVE-2023-25193 hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. Fedora, Harfbuzz 7.5
2019-06-29 CVE-2019-13038 mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL. Ubuntu_linux, Fedora, Mod_auth_mellon, Zfs_storage_appliance_kit 6.1
2021-05-14 CVE-2020-27769 In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c. Fedora, Imagemagick, Enterprise_linux_desktop 3.3
2022-02-24 CVE-2021-3596 A NULL pointer dereference flaw was found in ImageMagick in versions prior to 7.0.10-31 in ReadSVGImage() in coders/svg.c. This issue is due to not checking the return value from libxml2's xmlCreatePushParserCtxt() and uses the value directly, which leads to a crash and segmentation fault. Debian_linux, Fedora, Imagemagick, Enterprise_linux 6.5
2022-08-26 CVE-2021-3574 A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks. Fedora, Imagemagick 3.3