Filtered by vendor Fedoraproject
Subscribe
Total
5187 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-9515 | 12 Apache, Apple, Canonical and 9 more | 24 Traffic Server, Mac Os X, Swiftnio and 21 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. | |||||
| CVE-2019-9514 | 13 Apache, Apple, Canonical and 10 more | 30 Traffic Server, Mac Os X, Swiftnio and 27 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both. | |||||
| CVE-2019-9513 | 12 Apache, Apple, Canonical and 9 more | 22 Traffic Server, Mac Os X, Swiftnio and 19 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. | |||||
| CVE-2019-9511 | 12 Apache, Apple, Canonical and 9 more | 22 Traffic Server, Mac Os X, Swiftnio and 19 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. | |||||
| CVE-2019-9499 | 6 Debian, Fedoraproject, Freebsd and 3 more | 9 Debian Linux, Fedora, Freebsd and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected. | |||||
| CVE-2019-9498 | 6 Debian, Fedoraproject, Freebsd and 3 more | 9 Debian Linux, Fedora, Freebsd and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected. | |||||
| CVE-2019-9497 | 2 Fedoraproject, W1.fi | 3 Fedora, Hostapd, Wpa Supplicant | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected. | |||||
| CVE-2019-9496 | 2 Fedoraproject, W1.fi | 3 Fedora, Hostapd, Wpa Supplicant | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected. | |||||
| CVE-2019-9495 | 6 Debian, Fedoraproject, Freebsd and 3 more | 9 Debian Linux, Fedora, Freebsd and 6 more | 2024-11-21 | 4.3 MEDIUM | 3.7 LOW |
| The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected. | |||||
| CVE-2019-9494 | 5 Fedoraproject, Freebsd, Opensuse and 2 more | 8 Fedora, Freebsd, Backports Sle and 5 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected. | |||||
| CVE-2019-9433 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libvpx, there is a possible information disclosure due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-80479354 | |||||
| CVE-2019-9371 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 7.1 HIGH | 6.5 MEDIUM |
| In libvpx, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-132783254 | |||||
| CVE-2019-9325 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112001302 | |||||
| CVE-2019-9278 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774 | |||||
| CVE-2019-9232 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In libvpx, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122675483 | |||||
| CVE-2019-9211 | 3 Fedoraproject, Gnu, Suse | 4 Fedora, Pspp, Backports and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service. | |||||
| CVE-2019-9210 | 4 Advancemame, Canonical, Debian and 1 more | 4 Advancecomp, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.) | |||||
| CVE-2019-9199 | 2 Fedoraproject, Podofo Project | 2 Fedora, Podofo | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | |||||
| CVE-2019-9133 | 3 Fedoraproject, Kmplayer, Microsoft | 3 Fedora, Kmplayer, Windows | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file. | |||||
| CVE-2019-8936 | 5 Fedoraproject, Hpe, Netapp and 2 more | 6 Fedora, Hpux-ntp, Clustered Data Ontap and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NTP through 4.2.8p12 has a NULL Pointer Dereference. | |||||