Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-06 | CVE-2019-14691 | AdPlug 2.3.1 has a heap-based buffer overflow in CdtmLoader::load() in dtm.cpp. | Adplug, Fedora | 8.8 | ||
| 2019-08-06 | CVE-2019-14692 | AdPlug 2.3.1 has a heap-based buffer overflow in CmkjPlayer::load() in mkj.cpp. | Adplug, Fedora | 8.8 | ||
| 2019-08-07 | CVE-2019-14732 | AdPlug 2.3.1 has multiple heap-based buffer overflows in Ca2mLoader::load() in a2m.cpp. | Adplug, Fedora | 8.8 | ||
| 2019-08-07 | CVE-2019-14733 | AdPlug 2.3.1 has multiple heap-based buffer overflows in CradLoader::load() in rad.cpp. | Adplug, Fedora | 8.8 | ||
| 2019-08-07 | CVE-2019-14734 | AdPlug 2.3.1 has multiple heap-based buffer overflows in CmtkLoader::load() in mtk.cpp. | Adplug, Fedora | 8.8 | ||
| 2019-08-07 | CVE-2019-14744 | In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file. | Ubuntu_linux, Debian_linux, Fedora, Kconfig, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 7.8 | ||
| 2019-08-07 | CVE-2019-14745 | In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to improper handling of symbol names embedded in executables. | Fedora, Radare2 | 7.8 | ||
| 2019-08-09 | CVE-2019-14234 | An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of "OR 1=1" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the... | Debian_linux, Django, Fedora | 9.8 | ||
| 2019-08-11 | CVE-2019-14934 | An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write. | Debian_linux, Fedora, Pdfresurrect | 7.8 | ||
| 2019-08-14 | CVE-2019-14973 | _TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash. | Debian_linux, Fedora, Libtiff, Leap | 6.5 |