Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-09-09 | CVE-2019-16159 | BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 has a stack-based buffer overflow. The BGP daemon's support for RFC 8203 administrative shutdown communication messages included an incorrect logical expression when checking the validity of an input message. Sending a shutdown communication with a sufficient message length causes a four-byte overflow to occur while processing the message, where two of the overflow bytes are attacker-controlled and two are fixed. | Debian_linux, Fedora, Bird, Backports_sle | 7.5 | ||
| 2019-09-09 | CVE-2019-16163 | Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. | Ubuntu_linux, Debian_linux, Fedora, Oniguruma | 7.5 | ||
| 2019-09-09 | CVE-2019-16167 | sysstat before 12.1.6 has memory corruption due to an Integer Overflow in remap_struct() in sa_common.c. | Ubuntu_linux, Debian_linux, Fedora, Leap, Sysstat | 5.5 | ||
| 2019-09-09 | CVE-2019-16168 | In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." | Ubuntu_linux, Debian_linux, Fedora, Policy_auditor, Active_iq_unified_manager, E\-Series_santricity_os_controller, Oncommand_insight, Oncommand_workflow_automation, Ontap_select_deploy_administration_utility, Santricity_unified_manager, Steelstore_cloud_integrated_storage, Communications_design_studio, Jdk, Jre, Mysql, Outside_in_technology, Solaris, Zfs_storage_appliance, Sqlite, Nessus_agent | 6.5 | ||
| 2019-09-11 | CVE-2019-16232 | drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. | Ubuntu_linux, Fedora, Linux_kernel, Leap | 4.1 | ||
| 2019-09-11 | CVE-2019-16235 | Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala. | Ubuntu_linux, Debian_linux, Dino, Fedora | 7.5 | ||
| 2019-09-11 | CVE-2019-16236 | Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala. | Ubuntu_linux, Debian_linux, Dino, Fedora | 7.5 | ||
| 2019-09-11 | CVE-2019-16237 | Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala. | Ubuntu_linux, Debian_linux, Dino, Fedora | 7.5 | ||
| 2019-09-13 | CVE-2019-12922 | A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page. | Fedora, Phpmyadmin | 6.5 | ||
| 2019-09-15 | CVE-2019-14540 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. | Debian_linux, Jackson\-Databind, Fedora, Oncommand_api_services, Oncommand_workflow_automation, Steelstore_cloud_integrated_storage, Banking_platform, Customer_management_and_segmentation_foundation, Financial_services_analytical_applications_infrastructure, Global_lifecycle_management_opatch, Goldengate_application_adapters, Goldengate_stream_analytics, Mysql, Primavera_gateway, Primavera_unifier, Retail_customer_management_and_segmentation_foundation, Retail_xstore_point_of_service, Weblogic_server, Jboss_enterprise_application_platform | 9.8 |