Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  >> Fedora  Security Vulnerabilities
CVE-2019-3871
A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7. An insufficient validation of data coming from the user when building a HTTP request from a DNS query in the HTTP Connector of the Remote backend, allowing a remote user to cause a denial of service by making the server connect to an invalid endpoint, or possibly information disclosure by making the server connect to an internal endpoint and somehow extracting meaningful information about the response
CVSS Score
6.5
EPSS Score
0.0
Published
2019-03-21
CVE-2019-9903
PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.
CVSS Score
6.5
EPSS Score
0.007
Published
2019-03-21
CVE-2019-9894
A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.
CVSS Score
7.5
EPSS Score
0.009
Published
2019-03-21
CVE-2019-9895
In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.
CVSS Score
9.8
EPSS Score
0.009
Published
2019-03-21
CVE-2019-9897
Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.
CVSS Score
7.5
EPSS Score
0.019
Published
2019-03-21
CVE-2019-9898
Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.
CVSS Score
9.8
EPSS Score
0.043
Published
2019-03-21
CVE-2019-7222
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
CVSS Score
5.5
EPSS Score
0.0
Published
2019-03-21
CVE-2019-6778
In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-03-21
CVE-2019-7221
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
CVSS Score
7.8
EPSS Score
0.001
Published
2019-03-21
CVE-2019-6454
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).
CVSS Score
5.5
EPSS Score
0.001
Published
2019-03-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved