National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:fedoraproject:fedora:29
There are 146 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2019-3870

A vulnerability was found in Samba from version (including) 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner (root) only access. However in some upgraded installations it will have other permissions, such as 0755, because this was the default before Samba 4.8. Within this directory, files are created with mode 0666, which is world-writable, including a sample krb5.conf, and the list of DNS names and servicePrincipalName values to update.

Published: April 09, 2019; 12:29:01 PM -04:00
V3: 6.1 MEDIUM
V2: 3.6 LOW
CVE-2019-10903

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.

Published: April 09, 2019; 12:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-10902

In Wireshark 3.0.0, the TSDNS dissector could crash. This was addressed in epan/dissectors/packet-tsdns.c by splitting strings safely.

Published: April 09, 2019; 12:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-10901

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.

Published: April 09, 2019; 12:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-10900

In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop. This was addressed in epan/dissectors/file-rbm.c by handling unknown object types safely.

Published: April 09, 2019; 12:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-10899

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.

Published: April 09, 2019; 12:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-10898

In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-gsm_gsup.c by rejecting an invalid Information Element length.

Published: April 09, 2019; 12:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-10897

In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-ieee80211.c by detecting cases in which the bit offset does not advance.

Published: April 09, 2019; 12:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-10896

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.

Published: April 09, 2019; 12:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-10895

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler file parser could crash. This was addressed in wiretap/netscaler.c by improving data validation.

Published: April 09, 2019; 12:29:01 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-10894

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.

Published: April 09, 2019; 12:29:00 AM -04:00
V3: 7.5 HIGH
V2: 5.0 MEDIUM
CVE-2019-11026

FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc.

Published: April 08, 2019; 07:29:00 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-0211

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.

Published: April 08, 2019; 06:29:00 PM -04:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2019-0217

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions.

Published: April 08, 2019; 05:29:00 PM -04:00
V3: 7.5 HIGH
V2: 6.0 MEDIUM
CVE-2019-0215

In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.

Published: April 08, 2019; 04:29:10 PM -04:00
V3: 7.5 HIGH
V2: 6.0 MEDIUM
CVE-2019-10906

In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.

Published: April 06, 2019; 08:29:00 PM -04:00
V3: 8.6 HIGH
V2: 5.0 MEDIUM
CVE-2019-3877

A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forward slashes treating them as an absolute URL. This mismatch allows an attacker to bypass the redirect URL validation logic in apr_uri_parse function.

Published: March 27, 2019; 09:29:01 AM -04:00
V3: 6.1 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-9917

ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding.

Published: March 27, 2019; 02:29:00 AM -04:00
V3: 6.5 MEDIUM
V2: 4.0 MEDIUM
CVE-2019-6341

In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.13;Drupal 8.5 versions prior to 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.

Published: March 26, 2019; 02:29:01 PM -04:00
V3: 5.4 MEDIUM
V2: 3.5 LOW
CVE-2019-3878

A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured to only let through authenticated users (with the require valid-user directive), adding special HTTP headers that are normally used to start the special SAML ECP (non-browser based) can be used to bypass authentication.

Published: March 26, 2019; 02:29:00 PM -04:00
V3: 8.1 HIGH
V2: 6.8 MEDIUM