Shodan
Vulnerabilities
Vulnerable Software
Fedoraproject:  >> Fedora  >> 30  Security Vulnerabilities
CVE-2019-13113
Exiv2 through 0.27.1 allows an attacker to cause a denial of service (crash due to assertion failure) via an invalid data location in a CRW image file.
CVSS Score
6.5
EPSS Score
0.002
Published
2019-06-30
CVE-2019-13114
http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-06-30
CVE-2019-13108
An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service (SIGSEGV) via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-06-30
CVE-2019-13050
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack.
CVSS Score
7.5
EPSS Score
0.007
Published
2019-06-29
CVE-2019-13038
mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.
CVSS Score
6.1
EPSS Score
0.001
Published
2019-06-29
CVE-2019-5829
Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.022
Published
2019-06-27
CVE-2019-5830
Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.009
Published
2019-06-27
CVE-2019-5831
Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVSS Score
8.8
EPSS Score
0.022
Published
2019-06-27
CVE-2019-5832
Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVSS Score
6.5
EPSS Score
0.011
Published
2019-06-27
CVE-2019-5833
Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.
CVSS Score
4.3
EPSS Score
0.008
Published
2019-06-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved