Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-12-03 | CVE-2013-4235 | shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees | Debian_linux, Shadow, Fedora, Enterprise_linux | 4.7 | ||
| 2019-12-10 | CVE-2013-2166 | python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass | Debian_linux, Fedora, Python\-Keystoneclient, Openstack | 9.8 | ||
| 2020-01-07 | CVE-2019-14834 | A vulnerability was found in dnsmasq before version 2.81, where the memory leak allows remote attackers to cause a denial of service (memory consumption) via vectors involving DHCP response creation. | Fedora, Dnsmasq | 3.7 | ||
| 2022-09-29 | CVE-2014-0147 | Qemu before 1.6.2 block diver for the various disk image formats used by Bochs and for the QCOW version 2 format, are vulnerable to a possible crash caused by signed data types or a logic error while creating QCOW2 snapshots, which leads to incorrectly calling update_refcount() routine. | Fedora, Qemu, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_openstack_platform, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization | 6.2 | ||
| 2015-03-24 | CVE-2015-0252 | internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data. | Xerces\-C\+\+, Debian_linux, Fedora | N/A | ||
| 2008-01-09 | CVE-2007-6601 | The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2007-3278. | Debian_linux, Fedora, Postgresql | N/A | ||
| 2020-03-20 | CVE-2019-14855 | A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18. | Ubuntu_linux, Fedora, Gnupg | 7.5 | ||
| 2019-03-26 | CVE-2019-3804 | It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash. | Cockpit, Fedora, Virtualization | 7.5 | ||
| 2015-10-21 | CVE-2015-4802 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792. | Ubuntu_linux, Debian_linux, Fedora, Mariadb, Leap, Opensuse, Linux, Mysql, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A | ||
| 2015-10-21 | CVE-2015-4836 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : SP. | Ubuntu_linux, Debian_linux, Fedora, Mariadb, Leap, Opensuse, Linux, Mysql, Solaris, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | N/A |