Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  >> Fedora  >> 33  Security Vulnerabilities
CVE-2019-14691
AdPlug 2.3.1 has a heap-based buffer overflow in CdtmLoader::load() in dtm.cpp.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-08-06
CVE-2019-14692
AdPlug 2.3.1 has a heap-based buffer overflow in CmkjPlayer::load() in mkj.cpp.
CVSS Score
8.8
EPSS Score
0.005
Published
2019-08-06
CVE-2019-3882
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.
CVSS Score
4.7
EPSS Score
0.0
Published
2019-04-24
CVE-2019-11412
An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.
CVSS Score
7.5
EPSS Score
0.018
Published
2019-04-22
CVE-2019-11234
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.
CVSS Score
9.8
EPSS Score
0.216
Published
2019-04-22
CVE-2018-19296
PHPMailer before 5.2.27 and 6.x before 6.0.6 is vulnerable to an object injection attack.
CVSS Score
8.8
EPSS Score
0.013
Published
2018-11-16
CVE-2018-17825
An issue was discovered in AdPlug 2.3.1. There are several double-free vulnerabilities in the CEmuopl class in emuopl.cpp because of a destructor's two OPLDestroy calls, each of which frees TL_TABLE, SIN_TABLE, AMS_TABLE, and VIB_TABLE.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-10-01
CVE-2017-6888
An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.
CVSS Score
5.5
EPSS Score
0.004
Published
2018-04-25
CVE-2017-9271
The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used.
CVSS Score
4.0
EPSS Score
0.001
Published
2018-03-01
CVE-2017-13749
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
CVSS Score
7.5
EPSS Score
0.01
Published
2017-08-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved