#Vulnerabilities 880
Date ID Summary Products Score Patch
2020-01-28 CVE-2013-1437 Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value. Fedora, Module\-Metadata N/A
2019-12-02 CVE-2019-19118 Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model editing. A Django model admin displaying inline related models, where the user has view-only permissions to a parent model but edit permissions to the inline model, would be presented with an editing UI, allowing POST requests, for updating the inline model. Directly editing the view-only parent model was not possible, but the parent model's save() method was called, triggering potential side effects, and causing pre and... Django, Fedora N/A
2020-01-23 CVE-2015-5278 The ne2000_receive function in hw/net/ne2000.c in QEMU before allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets. Ubuntu_linux, Fedora, Qemu N/A
2020-01-28 CVE-2013-0294 in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack. Fedora, Pyrad N/A
2020-01-28 CVE-2014-2581 Smb4K before 1.1.1 allows remote attackers to obtain credentials via vectors related to the cuid option in the "Additional options" line edit. Fedora, Smb4k N/A
2019-11-27 CVE-2019-18660 The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c. Ubuntu_linux, Fedora, Linux_kernel, Leap, Enterprise_linux N/A
2020-01-08 CVE-2019-5188 A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability. E2fsprogs, Fedora N/A
2020-01-23 CVE-2015-5745 Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message. Fedora, Qemu N/A
2020-01-23 CVE-2015-5239 Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop. Ubuntu_linux, Fedora, Qemu, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit N/A
2019-09-26 CVE-2019-14844 A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC. Fedora, Kerberos_5, Enterprise_linux N/A