Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Fedora
(Fedoraproject)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-12-09 | CVE-2014-9274 | UnRTF allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code as demonstrated by a file containing the string "{\cb-999999999". | Debian_linux, Fedora, Mageia, Unrtf | N/A | ||
| 2014-12-03 | CVE-2014-9220 | SQL injection vulnerability in OpenVAS Manager before 4.0.6 and 5.x before 5.0.7 allows remote attackers to execute arbitrary SQL commands via the timezone parameter in a modify_schedule OMP command. | Fedora, Opensuse, Openvas_manager | N/A | ||
| 2014-11-26 | CVE-2014-9093 | LibreOffice before 4.3.5 allows remote attackers to cause a denial of service (invalid write operation and crash) and possibly execute arbitrary code via a crafted RTF file. | Ubuntu_linux, Debian_linux, Fedora, Libreoffice | N/A | ||
| 2017-10-10 | CVE-2014-9092 | libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker. | Ubuntu_linux, Fedora, Libjpeg\-Turbo | 6.5 | ||
| 2014-12-05 | CVE-2014-8990 | default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a filename. | Debian_linux, Fedora, Lsyncd | N/A | ||
| 2015-02-01 | CVE-2014-8630 | Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-argument Perl open call, as demonstrated by shell metacharacters in a product name. | Fedora, Bugzilla | N/A | ||
| 2014-12-10 | CVE-2014-8488 | Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote attackers to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality. | Fedora, Yourls | N/A | ||
| 2014-12-28 | CVE-2014-8132 | Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet. | Ubuntu_linux, Debian_linux, Fedora, Libssh, Opensuse | N/A | ||
| 2017-12-29 | CVE-2014-8119 | The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions. | Fedora, Netcf, Enterprise_linux | 7.5 | ||
| 2018-03-08 | CVE-2014-7272 | Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases). | Fedora, Sddm | 7.8 |