Fedora - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Fedora
(Fedoraproject)

Repositories

• https://github.com/torvalds/linux
• https://github.com/phpmyadmin/phpmyadmin
• https://github.com/krb5/krb5
• https://github.com/mdadams/jasper
• https://github.com/uclouvain/openjpeg

• https://github.com/golang/go
• https://github.com/FasterXML/jackson-databind
• https://github.com/ntp-project/ntp
• https://github.com/apache/httpd
• https://github.com/dbry/WavPack
• https://github.com/json-c/json-c
• https://github.com/jquery/jquery-ui
• https://github.com/ClusterLabs/pcs
• https://github.com/newsoft/libvncserver
• https://github.com/horde/horde
• https://github.com/ipython/ipython
• https://github.com/wesnoth/wesnoth
• https://github.com/saltstack/salt
• git://git.openssl.org/openssl.git
•
• https://github.com/haproxy/haproxy
• https://github.com/pyca/cryptography
• https://github.com/dajobe/raptor
• https://github.com/opencontainers/runc
• https://github.com/openstack/swift
• https://github.com/openssh/openssh-portable
• https://github.com/collectd/collectd
• https://github.com/mongodb/mongo
• https://github.com/ADOdb/ADOdb
• https://github.com/igniterealtime/Smack
• https://github.com/SELinuxProject/selinux
• https://github.com/dlitz/pycrypto
• https://github.com/teeworlds/teeworlds
• https://github.com/karelzak/util-linux
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/cyrusimap/cyrus-imapd
• https://github.com/ceph/ceph
• https://github.com/lepture/mistune
• https://github.com/MariaDB/server
• https://github.com/golang/net
• https://github.com/FreeRDP/FreeRDP
• https://github.com/sleuthkit/sleuthkit
• https://github.com/Perl/perl5
• https://github.com/python/cpython
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/libuv/libuv
• https://github.com/mysql/mysql-server
• https://github.com/libgd/libgd
• https://github.com/SpiderLabs/ModSecurity
• https://github.com/fish-shell/fish-shell
• https://github.com/php/php-src
• https://github.com/quassel/quassel
• https://github.com/ocaml/ocaml
• https://github.com/LibRaw/LibRaw
• https://github.com/sddm/sddm
• https://github.com/axkibe/lsyncd
• https://github.com/visionmedia/send
• https://github.com/rawstudio/rawstudio
• https://github.com/cherokee/webserver
• https://github.com/numpy/numpy
• https://github.com/rjbs/Email-Address
• https://github.com/openid/ruby-openid
• https://github.com/moxiecode/plupload
• https://github.com/libarchive/libarchive

#Vulnerabilities

5329

Date	Id	Summary	Products	Score	Patch	Annotated
2016-12-09	CVE-2016-9014	Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.	Ubuntu_linux, Django, Fedora	8.1
2016-12-13	CVE-2016-5407	The (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXv before 1.0.11 allow remote X servers to trigger out-of-bounds memory access operations via vectors involving length specifications in received data.	Fedora, Libxv	9.8
2016-12-13	CVE-2016-7942	The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.	Fedora, Libx11	9.8
2016-12-13	CVE-2016-7943	The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.	Fedora, Libx11	9.8
2016-12-13	CVE-2016-7944	Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.	Fedora, Libxfixes	9.8
2016-12-13	CVE-2016-7945	Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.	Fedora, Libxi	7.5
2016-12-13	CVE-2016-7946	X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.	Fedora, Libxi	7.5
2016-12-13	CVE-2016-7947	Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.	Fedora, Libxrandr	9.8
2016-12-13	CVE-2016-7948	X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.	Fedora, Libxrandr	9.8
2016-12-13	CVE-2016-7949	Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.	Fedora, Libxrender	9.8