Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-11-04 | CVE-2013-4409 | An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. | Fedora, Enterprise_linux, Djblets, Review_board | N/A | ||
2019-11-04 | CVE-2013-4251 | The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. | Debian_linux, Fedora, Enterprise_linux, Scipy | N/A | ||
2019-11-06 | CVE-2010-4178 | MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of mysql text console | Fedora, Mysql\-Gui\-Tools | N/A | ||
2019-10-31 | CVE-2013-1930 | MantisBT 1.2.12 before 1.2.15 allows authenticated users to by the workflow restriction and close issues. | Fedora, Mantisbt | N/A | ||
2019-10-31 | CVE-2013-1931 | A cross-site scripting (XSS) vulnerability in MantisBT 1.2.14 allows remote attackers to inject arbitrary web script or HTML via a version, related to deleting a version. | Fedora, Mantisbt | N/A | ||
2019-11-04 | CVE-2015-8980 | The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbitrary code. | Fedora, Leap, Php\-Gettext, Enterprise_linux | N/A | ||
2019-11-01 | CVE-2013-4751 | php-symfony2-Validator has loss of information during serialization | Fedora, Enterprise_linux, Symfony | N/A | ||
2017-03-17 | CVE-2015-4645 | Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote attackers to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow. | Fedora, Squashfs | N/A | ||
2018-06-18 | CVE-2018-1090 | In Pulp before version 2.16.2, secrets are passed into override_config when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets. | Fedora, Pulp, Satellite | 7.5 | ||
2016-06-10 | CVE-2016-3720 | XML external entity (XXE) vulnerability in XmlMapper in the Data format extension for Jackson (aka jackson-dataformat-xml) allows attackers to have unspecified impact via unknown vectors. | Jackson\-Dataformat\-Xml, Fedora | N/A |