Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-03-21 | CVE-2019-6501 | In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations. | Fedora, Qemu | 5.5 | ||
| 2019-03-21 | CVE-2019-6778 | In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow. | Ubuntu_linux, Fedora, Leap, Qemu | 7.8 | ||
| 2019-03-21 | CVE-2019-7221 | The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Active_iq_performance_analytics_services, Element_software_management_node, Leap, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Openshift_container_platform | 7.8 | ||
| 2019-03-21 | CVE-2019-7222 | The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Active_iq_performance_analytics_services, Element_software_management_node, Leap, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_for_real_time, Enterprise_linux_for_real_time_for_nfv, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 5.5 | ||
| 2019-03-21 | CVE-2019-9894 | A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification. | Debian_linux, Fedora, Oncommand_unified_manager, Leap, Putty | 7.5 | ||
| 2019-03-21 | CVE-2019-9895 | In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding. | Fedora, Putty | 9.8 | ||
| 2019-03-21 | CVE-2019-9897 | Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71. | Debian_linux, Fedora, Oncommand_unified_manager, Leap, Putty | 7.5 | ||
| 2019-03-21 | CVE-2019-9898 | Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71. | Debian_linux, Fedora, Oncommand_unified_manager, Leap, Putty | 9.8 | ||
| 2019-03-21 | CVE-2019-9903 | PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary. | Ubuntu_linux, Debian_linux, Fedora, Poppler, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_server_aus, Enterprise_linux_server_tus | 6.5 | ||
| 2019-03-21 | CVE-2019-3855 | An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. | Xcode, Debian_linux, Fedora, Libssh2, Ontap_select_deploy_administration_utility, Leap, Peoplesoft_enterprise_peopletools, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 8.8 |