Fedora - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Fedora
(Fedoraproject)

Repositories

• https://github.com/torvalds/linux
• https://github.com/phpmyadmin/phpmyadmin
• https://github.com/krb5/krb5
• https://github.com/mdadams/jasper
• https://github.com/uclouvain/openjpeg

• https://github.com/golang/go
• https://github.com/FasterXML/jackson-databind
• https://github.com/ntp-project/ntp
• https://github.com/apache/httpd
• https://github.com/dbry/WavPack
• https://github.com/json-c/json-c
• https://github.com/jquery/jquery-ui
• https://github.com/ClusterLabs/pcs
• https://github.com/newsoft/libvncserver
• https://github.com/horde/horde
• https://github.com/ipython/ipython
• https://github.com/wesnoth/wesnoth
• https://github.com/saltstack/salt
• git://git.openssl.org/openssl.git
•
• https://github.com/haproxy/haproxy
• https://github.com/pyca/cryptography
• https://github.com/dajobe/raptor
• https://github.com/opencontainers/runc
• https://github.com/openstack/swift
• https://github.com/openssh/openssh-portable
• https://github.com/collectd/collectd
• https://github.com/mongodb/mongo
• https://github.com/ADOdb/ADOdb
• https://github.com/igniterealtime/Smack
• https://github.com/SELinuxProject/selinux
• https://github.com/dlitz/pycrypto
• https://github.com/teeworlds/teeworlds
• https://github.com/karelzak/util-linux
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/cyrusimap/cyrus-imapd
• https://github.com/ceph/ceph
• https://github.com/lepture/mistune
• https://github.com/MariaDB/server
• https://github.com/golang/net
• https://github.com/FreeRDP/FreeRDP
• https://github.com/sleuthkit/sleuthkit
• https://github.com/Perl/perl5
• https://github.com/python/cpython
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/libuv/libuv
• https://github.com/mysql/mysql-server
• https://github.com/libgd/libgd
• https://github.com/SpiderLabs/ModSecurity
• https://github.com/fish-shell/fish-shell
• https://github.com/php/php-src
• https://github.com/quassel/quassel
• https://github.com/ocaml/ocaml
• https://github.com/LibRaw/LibRaw
• https://github.com/sddm/sddm
• https://github.com/axkibe/lsyncd
• https://github.com/visionmedia/send
• https://github.com/rawstudio/rawstudio
• https://github.com/cherokee/webserver
• https://github.com/numpy/numpy
• https://github.com/rjbs/Email-Address
• https://github.com/openid/ruby-openid
• https://github.com/moxiecode/plupload
• https://github.com/libarchive/libarchive

#Vulnerabilities

5215

Date	Id	Summary	Products	Score	Patch	Annotated
2019-08-01	CVE-2019-14494	An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.	Ubuntu_linux, Debian_linux, Fedora, Poppler, Enterprise_linux	7.5
2019-08-02	CVE-2019-14532	An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off-by-one overwrite due to an underflow on tools/hashtools/hfind.cpp while using a bogus hash table.	Fedora, The_sleuth_kit	9.8
2019-08-05	CVE-2019-14664	In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the attacker to the intended receiver. If the receiver replies to this (benign looking) email, he unknowingly leaks the plaintext of the encrypted message part(s) back to the attacker. This attack variant bypasses protection...	Enigmail, Fedora	6.5
2019-08-06	CVE-2019-14690	AdPlug 2.3.1 has a heap-based buffer overflow in CxadbmfPlayer::__bmf_convert_stream() in bmf.cpp.	Adplug, Fedora	8.8
2019-08-06	CVE-2019-14691	AdPlug 2.3.1 has a heap-based buffer overflow in CdtmLoader::load() in dtm.cpp.	Adplug, Fedora	8.8
2019-08-06	CVE-2019-14692	AdPlug 2.3.1 has a heap-based buffer overflow in CmkjPlayer::load() in mkj.cpp.	Adplug, Fedora	8.8
2019-08-07	CVE-2019-14732	AdPlug 2.3.1 has multiple heap-based buffer overflows in Ca2mLoader::load() in a2m.cpp.	Adplug, Fedora	8.8
2019-08-07	CVE-2019-14733	AdPlug 2.3.1 has multiple heap-based buffer overflows in CradLoader::load() in rad.cpp.	Adplug, Fedora	8.8
2019-08-07	CVE-2019-14734	AdPlug 2.3.1 has multiple heap-based buffer overflows in CmtkLoader::load() in mtk.cpp.	Adplug, Fedora	8.8
2019-08-07	CVE-2019-14744	In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.	Ubuntu_linux, Debian_linux, Fedora, Kconfig, Backports_sle, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation	7.8