Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Extra_packages_for_enterprise_linux
(Fedoraproject)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 76 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-08-17 | CVE-2020-14394 | An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the QEMU process on the host, resulting in a denial of service. | Extra_packages_for_enterprise_linux, Fedora, Qemu, Enterprise_linux, Openstack_platform | 3.2 | ||
| 2022-08-29 | CVE-2022-0367 | A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. | Debian_linux, Extra_packages_for_enterprise_linux, Fedora, Libmodbus | 7.8 | ||
| 2022-09-19 | CVE-2022-3213 | A heap buffer overflow issue was found in ImageMagick. When an application processes a malformed TIFF file, it could lead to undefined behavior or a crash causing a denial of service. | Extra_packages_for_enterprise_linux, Fedora, Imagemagick | 5.5 | ||
| 2022-09-30 | CVE-2022-40313 | Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load. | Extra_packages_for_enterprise_linux, Fedora, Moodle | 7.1 | ||
| 2022-09-30 | CVE-2022-40315 | A limited SQL injection risk was identified in the "browse list of users" site administration page. | Extra_packages_for_enterprise_linux, Fedora, Moodle | 9.8 | ||
| 2022-09-30 | CVE-2022-40316 | The H5P activity attempts report did not filter by groups, which in separate groups mode could reveal information to non-editing teachers about attempts/users in groups they should not have access to. | Extra_packages_for_enterprise_linux, Fedora, Moodle | 4.3 | ||
| 2022-11-29 | CVE-2022-4144 | An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition. | Extra_packages_for_enterprise_linux, Fedora, Qemu, Enterprise_linux | 6.5 | ||
| 2022-12-09 | CVE-2022-4170 | The rxvt-unicode package is vulnerable to a remote code execution, in the Perl background extension, when an attacker can control the data written to the user's terminal and certain options are set. | Extra_packages_for_enterprise_linux, Fedora, Rxvt\-Unicode | 9.8 | ||
| 2023-03-23 | CVE-2023-1289 | A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote... | Extra_packages_for_enterprise_linux, Fedora, Imagemagick, Enterprise_linux | 5.5 | ||
| 2023-05-02 | CVE-2023-30944 | The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database. | Extra_packages_for_enterprise_linux, Fedora, Moodle | 7.3 |