Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-02-08 | CVE-2019-7636 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c. | Ubuntu_linux, Debian_linux, Fedora, Simple_directmedia_layer, Leap | 8.1 | ||
| 2019-02-08 | CVE-2019-7637 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c. | Ubuntu_linux, Debian_linux, Fedora, Simple_directmedia_layer, Leap | 8.8 | ||
| 2019-02-08 | CVE-2019-7638 | SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c. | Ubuntu_linux, Debian_linux, Fedora, Simple_directmedia_layer, Leap | 8.8 | ||
| 2019-02-11 | CVE-2019-6975 | Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function. | Ubuntu_linux, Django, Fedora | 7.5 | ||
| 2019-02-17 | CVE-2019-8376 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_layer4_v6() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | Tcpreplay, Fedora | 7.8 | ||
| 2019-02-17 | CVE-2019-8377 | An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | Tcpreplay, Fedora | 7.8 | ||
| 2019-02-17 | CVE-2019-8379 | An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer dereference exists in the function be_uint32_read() located in endianrw.h. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file. | Advancecomp, Debian_linux, Fedora, Enterprise_linux_for_power_little_endian, Enterprise_linux_server, Enterprise_linux_workstation | 7.8 | ||
| 2019-02-17 | CVE-2019-8381 | An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in do_checksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | Tcpreplay, Fedora | 7.8 | ||
| 2019-02-17 | CVE-2019-8383 | An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function adv_png_unfilter_8 in lib/png.c. It can be triggered by sending a crafted file to a binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact when a victim opens a specially crafted file. | Advancecomp, Debian_linux, Fedora, Enterprise_linux_for_power_little_endian, Enterprise_linux_server, Enterprise_linux_workstation | 7.8 | ||
| 2019-02-19 | CVE-2019-5754 | Implementation error in QUIC Networking in Google Chrome prior to 72.0.3626.81 allowed an attacker running or able to cause use of a proxy server to obtain cleartext of transport encryption via malicious network proxy. | Debian_linux, Fedora, Chrome, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 |