#Vulnerabilities 753
Date ID Summary Products Score Patch
2019-11-12 CVE-2010-3438 libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server. Debian_linux, Fedora, Libpoe-Component-Irc-Perl N/A
2019-11-06 CVE-2019-14833 A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for password complexity. This configuration can fail to verify password complexity when non-ASCII characters are used in the password, which could lead to weak passwords being set for samba users, making it... Fedora, Leap, Samba N/A
2019-11-08 CVE-2019-10222 A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients. Ceph, Fedora, Ceph_storage N/A
2019-11-08 CVE-2013-1820 tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service. Fedora, Tuned N/A
2019-11-05 CVE-2013-5123 The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. Debian_linux, Fedora, Pip, Openshift, Software_collections, Virtualenv N/A
2019-11-07 CVE-2012-0049 OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. Debian_linux, Fedora, Openttd N/A
2019-11-06 CVE-2016-1000037 Pagure: XSS possible in file attachment endpoint Fedora, Enterprise_linux, Pagure N/A
2019-11-04 CVE-2013-4409 An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. Fedora, Enterprise_linux, Djblets, Review_board N/A
2019-11-04 CVE-2013-4251 The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. Debian_linux, Fedora, Enterprise_linux, Scipy N/A
2019-11-06 CVE-2010-4178 MySQL-GUI-tools (mysql-administrator) leaks passwords into the process list after launch of the mysql text console. Fedora, Mysql-Gui-Tools N/A