Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-09-26 | CVE-2019-10092 | In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be malformed and instead point to a page of their choice. This would only be exploitable where a server was set up with proxying enabled but was misconfigured in such a way that the Proxy Error page was displayed. | Http_server, Ubuntu_linux, Debian_linux, Fedora, Clustered_data_ontap, Leap, Communications_element_manager, Enterprise_manager_ops_center, Secure_global_desktop, Software_collection | 6.1 | ||
| 2019-09-27 | CVE-2019-8075 | Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. | Flash_player, Flash_player_desktop_runtime, Debian_linux, Fedora, Chrome | 7.5 | ||
| 2019-09-27 | CVE-2019-9232 | In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483 | Ubuntu_linux, Debian_linux, Fedora, Android, Leap | 7.5 | ||
| 2019-09-27 | CVE-2019-9278 | In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774 | Ubuntu_linux, Debian_linux, Fedora, Android, Leap | 8.8 | ||
| 2019-09-27 | CVE-2019-9325 | In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112001302 | Ubuntu_linux, Debian_linux, Fedora, Android, Leap | 6.5 | ||
| 2019-09-27 | CVE-2019-9371 | In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254 | Ubuntu_linux, Debian_linux, Fedora, Android, Leap | 6.5 | ||
| 2019-09-27 | CVE-2019-9433 | In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354 | Ubuntu_linux, Debian_linux, Fedora, Android, Leap | 6.5 | ||
| 2019-09-30 | CVE-2019-16276 | Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. | Debian_linux, Fedora, Go, Cloud_insights_telegraf_agent, Leap, Developer_tools, Enterprise_linux, Enterprise_linux_eus, Openshift_container_platform | 7.5 | ||
| 2019-10-01 | CVE-2019-17052 | ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the Linux kernel 3.16 through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-0614e2b73768. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel | 3.3 | ||
| 2019-10-01 | CVE-2019-17055 | base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Leap, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 3.3 |