Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-02-05 | CVE-2010-5304 | A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client. | Fedora, Libvncserver | N/A | ||
2020-01-31 | CVE-2011-4088 | ABRT might allow attackers to obtain sensitive information from crash reports. | Abrt, Fedora, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
2020-01-28 | CVE-2013-1895 | The py-bcrypt module before 0.3 for Python does not properly handle concurrent memory access, which allows attackers to bypass authentication via multiple authentication requests, which trigger the password hash to be overwritten. | Fedora, Py\-Bcrypt | N/A | ||
2020-01-28 | CVE-2013-1437 | Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value. | Fedora, Module\-Metadata | N/A | ||
2020-01-28 | CVE-2013-0294 | packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack. | Fedora, Pyrad | N/A | ||
2020-01-28 | CVE-2014-2581 | Smb4K before 1.1.1 allows remote attackers to obtain credentials via vectors related to the cuid option in the "Additional options" line edit. | Fedora, Smb4k | N/A | ||
2019-12-31 | CVE-2013-4357 | The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service. | Ubuntu_linux, Debian_linux, Eglibc, Fedora, Suse_linux_enterprise_server | N/A | ||
2020-01-03 | CVE-2012-4451 | Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) Debug, (2) Feed\PubSubHubbub, (3) Log\Formatter\Xml, (4) Tag\Cloud\Decorator, (5) Uri, (6) View\Helper\HeadStyle, (7) View\Helper\Navigation\Sitemap, or (8) View\Helper\Placeholder\Container\AbstractStandalone, related to Escaper. | Fedora, Enterprise_linux, Zend_framework | N/A | ||
2019-11-18 | CVE-2014-5118 | Trusted Boot (tboot) before 1.8.2 has a 'loader.c' Security Bypass Vulnerability | Fedora, Enterprise_linux, Trusted_boot | N/A | ||
2020-01-02 | CVE-2013-4752 | Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5, and 2.3.X before 2.3.3 have an issue in the HttpFoundation component. The Host header can be manipulated by an attacker when the framework is generating an absolute URL. A remote attacker could exploit this vulnerability to inject malicious content into the Web application page and conduct various attacks. | Fedora, Symfony | N/A |