Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-07-29 | CVE-2019-14267 | PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because data associated with startxref and %%EOF is mishandled. | Fedora, Pdfresurrect | 7.8 | ||
| 2019-07-30 | CVE-2019-14439 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath. | Drill, Debian_linux, Jackson\-Databind, Fedora, Banking_platform, Communications_diameter_signaling_router, Communications_instant_messaging_server, Financial_services_analytical_applications_infrastructure, Global_lifecycle_management_opatch, Goldengate_stream_analytics, Jd_edwards_enterpriseone_orchestrator, Jd_edwards_enterpriseone_tools, Primavera_gateway, Retail_customer_management_and_segmentation_foundation, Retail_xstore_point_of_service, Siebel_engineering_\-_installer_\&_deployment, Siebel_ui_framework, Jboss_middleware_text\-Only_advisories | 7.5 | ||
| 2019-07-31 | CVE-2019-14459 | nfdump 1.6.17 and earlier is affected by an integer overflow in the function Process_ipfix_template_withdraw in ipfix.c that can be abused in order to crash the process remotely (denial of service). | Debian_linux, Fedora, Nfdump | 7.5 | ||
| 2019-07-31 | CVE-2019-14462 | An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_COILS case, aka VD-1302. | Debian_linux, Fedora, Libmodbus | 9.1 | ||
| 2019-07-31 | CVE-2019-14463 | An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1.5. There is an out-of-bounds read for the MODBUS_FC_WRITE_MULTIPLE_REGISTERS case, aka VD-1301. | Debian_linux, Fedora, Libmodbus | 9.1 | ||
| 2019-07-31 | CVE-2019-14464 | XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a heap-based buffer overflow. | Ubuntu_linux, Debian_linux, Fedora, Milkytracker | 5.5 | ||
| 2019-08-01 | CVE-2019-14494 | An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc. | Ubuntu_linux, Debian_linux, Fedora, Poppler, Enterprise_linux | 7.5 | ||
| 2019-08-02 | CVE-2019-14532 | An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table. | Fedora, The_sleuth_kit | 9.8 | ||
| 2019-08-05 | CVE-2019-14664 | In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, he unknowingly leaks the plaintext of the encrypted message part(s) back to the attacker. This attack variant bypasses protection... | Enigmail, Fedora | 6.5 | ||
| 2019-08-06 | CVE-2019-14690 | AdPlug 2.3.1 has a heap-based buffer overflow in CxadbmfPlayer::__bmf_convert_stream() in bmf.cpp. | Adplug, Fedora | 8.8 |