Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-09-15 | CVE-2019-16335 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540. | Debian_linux, Jackson\-Databind, Fedora, Oncommand_api_services, Oncommand_workflow_automation, Steelstore_cloud_integrated_storage, Banking_platform, Customer_management_and_segmentation_foundation, Financial_services_analytical_applications_infrastructure, Global_lifecycle_management_opatch, Goldengate_application_adapters, Goldengate_stream_analytics, Primavera_gateway, Retail_customer_management_and_segmentation_foundation, Retail_xstore_point_of_service, Weblogic_server, Jboss_enterprise_application_platform | 9.8 | ||
| 2019-09-16 | CVE-2019-5481 | Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. | Debian_linux, Fedora, Curl, Cloud_backup, Solidfire_baseboard_management_controller_firmware, Steelstore, Leap, Communications_operations_monitor, Communications_session_border_controller, Enterprise_manager_ops_center, Mysql_server, Oss_support_tools | 9.8 | ||
| 2019-09-16 | CVE-2019-5482 | Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. | Debian_linux, Fedora, Curl, Cloud_backup, Oncommand_insight, Oncommand_unified_manager, Oncommand_workflow_automation, Snapcenter, Steelstore_cloud_integrated_storage, Leap, Communications_operations_monitor, Communications_session_border_controller, Enterprise_manager_ops_center, Http_server, Hyperion_essbase, Mysql_server, Oss_support_tools | 9.8 | ||
| 2019-09-17 | CVE-2019-16239 | process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. | Ubuntu_linux, Debian_linux, Fedora, Openconnect, Leap | 9.8 | ||
| 2019-09-17 | CVE-2019-16378 | OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message. | Ubuntu_linux, Debian_linux, Fedora, Opendmarc | 9.8 | ||
| 2019-09-19 | CVE-2019-11779 | In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur. | Ubuntu_linux, Debian_linux, Mosquitto, Fedora, Backports_sle, Leap | 6.5 | ||
| 2019-09-23 | CVE-2019-16707 | Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. | Fedora, Hunspell | 6.5 | ||
| 2019-09-24 | CVE-2019-16746 | An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Leap | 9.8 | ||
| 2019-09-25 | CVE-2019-16884 | runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. | Ubuntu_linux, Docker, Fedora, Runc, Leap, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Openshift_container_platform | 7.5 | ||
| 2019-09-26 | CVE-2019-16738 | In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup. | Debian_linux, Fedora, Mediawiki | 5.3 |