The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Red Hat Fedora

Python urllib3: information disclosure via Authorization Header
An attacker can bypass access restrictions to data via Authorization Header of Python urllib3, in order to obtain sensitive information...
FEDORA-2018-6b10449b15, FEDORA-2018-b0d6ae1959, VIGILANCE-VUL-27864
Linux kernel: NULL pointer dereference via vcpu_scan_ioapic
An attacker can force a NULL pointer to be dereferenced via vcpu_scan_ioapic() of the Linux kernel, in order to trigger a denial of service...
CERTFR-2019-AVI-035, CERTFR-2019-AVI-038, CERTFR-2019-AVI-041, CERTFR-2019-AVI-042, CERTFR-2019-AVI-044, CERTFR-2019-AVI-051, CERTFR-2019-AVI-114, CERTFR-2019-AVI-233, CVE-2018-19407, DLA-1715-1, FEDORA-2018-3857a8b41a, FEDORA-2018-87ba0312c2, openSUSE-SU-2019:0065-1, openSUSE-SU-2019:0140-1, SUSE-SU-2019:0148-1, SUSE-SU-2019:0196-1, SUSE-SU-2019:0222-1, SUSE-SU-2019:0224-1, SUSE-SU-2019:0320-1, SUSE-SU-2019:0541-1, SUSE-SU-2019:1287-1, SUSE-SU-2019:1289-1, SUSE-SU-2019:13937-1, SUSE-SU-2019:13979-1, USN-3871-1, USN-3871-2, USN-3871-3, USN-3871-4, USN-3871-5, USN-3872-1, USN-3878-1, USN-3878-2, USN-3879-1, USN-3879-2, VIGILANCE-VUL-27856
Xen: denial of service via Shadow Paging
An attacker, inside a guest system, can generate a fatal error via Shadow Paging of Xen, in order to trigger a denial of service on the host system...
CERTFR-2018-AVI-566, CVE-2018-19966, DLA-1949-1, DSA-4369-1, FEDORA-2018-2fde555d91, FEDORA-2019-3e89502cb1, FEDORA-2019-bce6498890, openSUSE-SU-2018:4111-1, openSUSE-SU-2018:4304-1, openSUSE-SU-2019:1226-1, SUSE-SU-2018:4070-1, SUSE-SU-2018:4300-1, SUSE-SU-2019:0003-1, SUSE-SU-2019:0020-1, SUSE-SU-2019:0825-1, SUSE-SU-2019:0827-1, SUSE-SU-2019:13921-1, SUSE-SU-2019:14011-1, VIGILANCE-VUL-27847, XSA-280
Xen: denial of service via INVPCID Non-canonical Addresses
An attacker, inside a guest system, can generate a fatal error via INVPCID Non-canonical Addresses of Xen, in order to trigger a denial of service on the host system...
CERTFR-2018-AVI-564, CERTFR-2018-AVI-566, CTX239432, CVE-2018-19965, DSA-4369-1, FEDORA-2018-2fde555d91, FEDORA-2019-3e89502cb1, FEDORA-2019-bce6498890, openSUSE-SU-2018:4111-1, openSUSE-SU-2018:4304-1, openSUSE-SU-2019:1226-1, SUSE-SU-2018:4070-1, SUSE-SU-2018:4300-1, SUSE-SU-2019:0003-1, SUSE-SU-2019:0020-1, SUSE-SU-2019:0827-1, SUSE-SU-2019:13921-1, SUSE-SU-2019:14011-1, SUSE-SU-2020:0388-1, VIGILANCE-VUL-27846, XSA-279
Xen: denial of service via x86 P2M Page Removals
An attacker, inside a guest system, can generate a fatal error via x86 P2M Page Removals of Xen, in order to trigger a denial of service on the host system...
CERTFR-2018-AVI-566, CVE-2018-19964, FEDORA-2018-2fde555d91, FEDORA-2019-3e89502cb1, SUSE-SU-2019:0003-1, VIGILANCE-VUL-27845, XSA-277
Xen: denial of service via x86 IOREQ
An attacker, inside a guest system, can generate a fatal error via x86 IOREQ of Xen, in order to trigger a denial of service on the host system...
CERTFR-2018-AVI-566, CVE-2018-19963, FEDORA-2018-2fde555d91, FEDORA-2019-3e89502cb1, SUSE-SU-2019:0003-1, VIGILANCE-VUL-27844, XSA-276
Xen: privilege escalation via Insufficient AMD IOMMU TLB Flushing
An attacker, inside a guest system, can bypass restrictions via Insufficient TLB Flushing of Xen, in order to escalate his privileges on the host system...
CERTFR-2018-AVI-564, CERTFR-2018-AVI-566, CTX239432, CVE-2018-19961, CVE-2018-19962, DLA-1949-1, DSA-4369-1, FEDORA-2018-2fde555d91, FEDORA-2019-3e89502cb1, FEDORA-2019-bce6498890, openSUSE-SU-2018:4111-1, openSUSE-SU-2018:4304-1, openSUSE-SU-2019:1226-1, SUSE-SU-2018:4070-1, SUSE-SU-2018:4300-1, SUSE-SU-2019:0003-1, SUSE-SU-2019:0020-1, SUSE-SU-2019:0825-1, SUSE-SU-2019:0827-1, SUSE-SU-2019:13921-1, SUSE-SU-2019:14011-1, VIGILANCE-VUL-27843, XSA-275
QEMU: use after free via v9fs_path_copy
An attacker, inside a guest system, can force the usage of a freed memory area via v9fs_path_copy() of QEMU, in order to trigger a denial of service, and possibly to run code on the host system...
CVE-2018-19364, DLA-1646-1, DSA-4454-1, DSA-4454-2, FEDORA-2019-88a98ce795, openSUSE-SU-2019:0254-1, openSUSE-SU-2019:1074-1, SUSE-SU-2019:0423-1, SUSE-SU-2019:0435-1, SUSE-SU-2019:0457-1, SUSE-SU-2019:0471-1, SUSE-SU-2019:0471-2, SUSE-SU-2019:0489-1, SUSE-SU-2019:0582-1, SUSE-SU-2019:13962-1, USN-3826-1, VIGILANCE-VUL-27833
uriparser: three vulnerabilities
An attacker can use several vulnerabilities of uriparser...
CVE-2018-19198, CVE-2018-19199, CVE-2018-19200, DLA-1581-1, FEDORA-2018-4003413459, FEDORA-2018-96b48b34ae, FEDORA-2018-a3ef0a026f, FEDORA-2018-c5c72a45ea, openSUSE-SU-2019:0165-1, openSUSE-SU-2019:0171-1, RHSA-2019:2280-01, SUSE-SU-2019:0228-1, VIGILANCE-VUL-27831
OpenJPEG: NULL pointer dereference via imagetopnm
An attacker can force a NULL pointer to be dereferenced via imagetopnm() of OpenJPEG, in order to trigger a denial of service...
CVE-2018-18088, DLA-1579-1, DSA-4405-1, FEDORA-2018-200c84e08a, FEDORA-2018-87c15da28c, SSA:2019-095-01, USN-4109-1, VIGILANCE-VUL-27829
Our database contains other pages. You can request a free trial to read them.

Display information about Red Hat Fedora: