Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-11-01 | CVE-2013-4168 | Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields. | Debian_linux, Fedora, Smokeping | N/A | ||
| 2014-04-30 | CVE-2014-1526 | The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects. | Ubuntu_linux, Fedora, Firefox, Seamonkey, Opensuse | N/A | ||
| 2014-04-30 | CVE-2014-1525 | The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document. | Ubuntu_linux, Fedora, Firefox, Seamonkey, Opensuse | N/A | ||
| 2014-04-30 | CVE-2014-1522 | The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content. | Ubuntu_linux, Fedora, Firefox, Seamonkey, Opensuse | N/A | ||
| 2014-04-30 | CVE-2014-1519 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | Ubuntu_linux, Fedora, Firefox, Seamonkey, Opensuse | N/A | ||
| 2011-02-18 | CVE-2010-4744 | Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors, a different issue than CVE-2010-3441. | Fedora, Abcm2ps | N/A | ||
| 2011-02-18 | CVE-2010-4743 | Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps before 5.9.13 might allow remote attackers to execute arbitrary code via a crafted ABC file, a different vulnerability than CVE-2010-3441. NOTE: some of these details are obtained from third party information. | Fedora, Abcm2ps | N/A | ||
| 2011-02-18 | CVE-2010-3441 | Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary code via (1) a crafted input file, related to the PUT0 and PUT1 output macros; (2) a crafted input file, related to the trim_title function; and possibly (3) a long -O option on a command line. | Fedora, Abcm2ps | N/A | ||
| 2010-09-24 | CVE-2010-1773 | Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit before r59950, as used in Google Chrome before 5.0.375.70, allows remote attackers to obtain sensitive information, cause a denial of service (memory corruption and application crash), or possibly execute arbitrary code via vectors related to list markers for HTML lists, aka rdar problem 8009118. | Ubuntu_linux, Fedora, Chrome, Opensuse, Enterprise_linux | N/A | ||
| 2013-12-11 | CVE-2013-6673 | Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user. | Ubuntu_linux, Fedora, Firefox, Firefox_esr, Seamonkey, Thunderbird, Opensuse, Linux_enterprise_desktop, Linux_enterprise_server, Suse_linux_enterprise_software_development_kit | N/A |