Product:

Fedora

(Fedoraproject)
Repositories https://github.com/phpmyadmin/phpmyadmin
https://github.com/mdadams/jasper
https://github.com/krb5/krb5
https://github.com/uclouvain/openjpeg
https://github.com/FasterXML/jackson-databind
https://github.com/golang/go
https://github.com/torvalds/linux
https://github.com/ntp-project/ntp
https://github.com/horde/horde
https://github.com/ClusterLabs/pcs
https://github.com/ipython/ipython
https://github.com/wesnoth/wesnoth
https://github.com/saltstack/salt
https://github.com/newsoft/libvncserver
https://github.com/json-c/json-c
https://github.com/dbry/WavPack
https://git.kernel.org/pub/scm/git/git.git
https://github.com/ceph/ceph
https://github.com/MariaDB/server
https://github.com/fish-shell/fish-shell
https://github.com/Perl/perl5
https://github.com/opencontainers/runc
https://github.com/libjpeg-turbo/libjpeg-turbo
https://github.com/python/cpython
https://github.com/golang/net
https://github.com/lepture/mistune
https://github.com/cyrusimap/cyrus-imapd
https://github.com/teeworlds/teeworlds
https://github.com/pyca/cryptography
https://github.com/SELinuxProject/selinux
https://github.com/ADOdb/ADOdb
https://github.com/openssh/openssh-portable
https://github.com/mongodb/mongo
https://github.com/collectd/collectd
https://github.com/php/php-src
https://github.com/quassel/quassel
https://github.com/igniterealtime/Smack
https://github.com/ocaml/ocaml
https://github.com/LibRaw/LibRaw
https://github.com/sddm/sddm
https://github.com/libuv/libuv
https://github.com/karelzak/util-linux
https://github.com/axkibe/lsyncd
https://github.com/visionmedia/send
https://github.com/rawstudio/rawstudio
https://github.com/cherokee/webserver
https://github.com/numpy/numpy
https://github.com/rjbs/Email-Address
https://github.com/dlitz/pycrypto
https://github.com/openid/ruby-openid
https://github.com/moxiecode/plupload
https://github.com/libarchive/libarchive
#Vulnerabilities 753
Date ID Summary Products Score Patch
2019-11-12 CVE-2010-3438 libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as "some text\rQUIT" to the 'privmsg' handler, which would cause the client to disconnect from the server. Debian_linux, Fedora, Libpoe\-Component\-Irc\-Perl N/A
2019-11-06 CVE-2019-14833 A flaw was found in Samba, all versions starting samba 4.5.0 before samba 4.9.15, samba 4.10.10, samba 4.11.2, in the way it handles a user password change or a new password for a samba user. The Samba Active Directory Domain Controller can be configured to use a custom script to check for password complexity. This configuration can fail to verify password complexity when non-ASCII characters are used in the password, which could lead to weak passwords being set for samba users, making it... Fedora, Leap, Samba N/A
2019-11-08 CVE-2019-10222 A flaw was found in the Ceph RGW configuration with Beast as the front end handling client requests. An unauthenticated attacker could crash the Ceph RGW server by sending valid HTTP headers and terminating the connection, resulting in a remote denial of service for Ceph RGW clients. Ceph, Fedora, Ceph_storage N/A
2019-11-08 CVE-2013-1820 tuned before 2.x allows local users to kill running processes due to insecure permissions with tuned's ktune service. Fedora, Tuned N/A
2019-11-05 CVE-2013-5123 The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. Debian_linux, Fedora, Pip, Openshift, Software_collections, Virtualenv N/A
2019-11-07 CVE-2012-0049 OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. Debian_linux, Fedora, Openttd N/A
2019-11-06 CVE-2016-1000037 Pagure: XSS possible in file attachment endpoint Fedora, Enterprise_linux, Pagure N/A
2019-11-04 CVE-2013-4409 An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. Fedora, Enterprise_linux, Djblets, Review_board N/A
2019-11-04 CVE-2013-4251 The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. Debian_linux, Fedora, Enterprise_linux, Scipy N/A
2019-11-06 CVE-2010-4178 MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of mysql text console Fedora, Mysql\-Gui\-Tools N/A