CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Fedoraproject : Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-1002150 601 CSRF 2017-09-14 2017-09-21
5.8
None Remote Medium Not required Partial Partial None
python-fedora 0.8.0 and lower is vulnerable to an open redirect resulting in loss of CSRF protection
2 CVE-2017-1000001 20 2017-07-17 2017-07-26
5.0
None Remote Low Not required None Partial None
FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on.
3 CVE-2017-13704 20 2017-10-02 2017-10-13
5.0
None Remote Low Not required None None Partial
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
4 CVE-2017-12843 20 2017-08-22 2017-08-26
4.0
None Remote Low Single system None Partial None
Cyrus IMAP before 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted (1) SYNCAPPLY, (2) SYNCGET or (3) SYNCRESTORE command.
5 CVE-2017-12170 16 2017-09-21 2017-10-04
7.5
None Remote Low Not required Partial Partial Partial
Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-related configuration. This issue doesn't affect upstream version of pure-ftpd.
6 CVE-2017-11610 284 Exec Code 2017-08-23 2017-09-27
9.0
None Remote Low Single system Complete Complete Complete
The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.x before 3.3.3 allows remote authenticated users to execute arbitrary commands via a crafted XML-RPC request, related to nested supervisord namespace lookups.
7 CVE-2017-11462 415 2017-09-13 2017-10-20
7.5
None Remote Low Not required Partial Partial Partial
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows attackers to have unspecified impact via vectors involving automatic deletion of security contexts on error.
8 CVE-2017-11368 20 2017-08-09 2017-10-20
4.0
None Remote Low Single system None None Partial
In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests.
9 CVE-2017-8932 310 2017-07-06 2017-07-17
4.3
None Remote Medium Not required Partial None None
A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by submitting crafted points and observing failures to the derive correct output. This leads to a full key recovery attack against static ECDH, as used in popular JWT libraries.
10 CVE-2017-8386 264 +Priv 2017-06-01 2017-06-30
6.5
None Remote Low Single system Partial Partial Partial
git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.
11 CVE-2017-7551 640 2017-08-16 2017-08-25
5.0
None Remote Low Not required Partial None None
389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts.
12 CVE-2017-7496 264 2017-06-26 2017-07-03
4.4
None Local Medium Not required Partial Partial Partial
fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary directories.
13 CVE-2017-6362 415 DoS 2017-09-07 2017-09-13
5.0
None Remote Low Not required None None Partial
Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.
14 CVE-2017-5885 190 DoS Exec Code Overflow 2017-02-28 2017-03-02
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColorMapEntries, which triggers a buffer overflow.
15 CVE-2017-5884 118 Exec Code 2017-02-28 2017-03-02
6.8
None Remote Medium Not required Partial Partial Partial
gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile.
16 CVE-2017-5849 125 DoS 2017-03-15 2017-04-07
4.3
None Remote Medium Not required None None Partial
tiffttopnm in netpbm 10.47.63 does not properly use the libtiff TIFFRGBAImageGet function, which allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted tiff image file, related to transposing width and height values.
17 CVE-2017-5357 416 DoS 2017-02-16 2017-02-17
5.0
None Remote Low Not required None None Partial
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
18 CVE-2017-5330 78 Exec Code 2017-03-27 2017-03-31
6.8
None Remote Medium Not required Partial Partial Partial
ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.
19 CVE-2016-10243 20 Exec Code 2017-05-02 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.
20 CVE-2016-10132 476 DoS 2017-03-24 2017-03-27
5.0
None Remote Low Not required None None Partial
regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation.
21 CVE-2016-10027 362 Bypass 2017-01-12 2017-01-18
2.6
None Remote High Not required Partial None None
Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response.
22 CVE-2016-9961 189 2017-06-06 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
game-music-emu before 0.6.1 mishandles unspecified integer values.
23 CVE-2016-9960 369 DoS 2017-06-06 2017-07-10
2.1
None Local Low Not required None None Partial
game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).
24 CVE-2016-9956 284 2017-02-22 2017-02-24
5.0
None Remote Low Not required None Partial None
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary files via a crafted Nasal script.
25 CVE-2016-9400 119 Exec Code Overflow 2017-02-22 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code via vectors involving snap handling.
26 CVE-2016-9299 90 Exec Code 2017-01-12 2017-01-18
7.5
None Remote Low Not required Partial Partial Partial
The remoting module in Jenkins before 2.32 and LTS before 2.19.3 allows remote attackers to execute arbitrary code via a crafted serialized Java object, which triggers an LDAP query to a third-party server.
27 CVE-2016-9243 20 2017-03-27 2017-04-04
5.0
None Remote Low Not required None Partial None
HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.
28 CVE-2016-9108 190 DoS Overflow 2017-02-03 2017-02-07
5.0
None Remote Low Not required None None Partial
Integer overflow in the js_regcomp function in regexp.c in Artifex Software, Inc. MuJS before commit b6de34ac6d8bb7dd5461c57940acfbd3ee7fd93e allows attackers to cause a denial of service (application crash) via a crafted regular expression.
29 CVE-2016-9085 190 Overflow 2017-02-03 2017-02-07
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in libwebp allows attackers to have unspecified impact via unknown vectors.
30 CVE-2016-9014 264 2016-12-09 2017-11-03
6.8
None Remote Medium Not required Partial Partial Partial
Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.
31 CVE-2016-9013 798 2016-12-09 2017-11-03
7.5
None Remote Low Not required Partial Partial Partial
Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it easier for remote attackers to obtain access to the database server by leveraging failure to manually specify a password in the database settings TEST dictionary.
32 CVE-2016-8887 476 DoS 2017-03-23 2017-03-27
4.3
None Remote Medium Not required None None Partial
The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (NULL pointer dereference).
33 CVE-2016-8884 476 DoS 2017-03-28 2017-03-31
4.3
None Remote Medium Not required None None Partial
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690.
34 CVE-2016-8693 415 DoS Exec Code 2017-02-15 2017-11-03
6.8
None Remote Medium Not required Partial Partial Partial
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
35 CVE-2016-8692 369 DoS 2017-02-15 2017-02-22
4.3
None Remote Medium Not required None None Partial
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command.
36 CVE-2016-8691 369 DoS 2017-02-15 2017-02-22
4.3
None Remote Medium Not required None None Partial
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.
37 CVE-2016-8690 476 DoS 2017-02-15 2017-02-23
4.3
None Remote Medium Not required None None Partial
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command.
38 CVE-2016-8606 284 Exec Code 2017-01-12 2017-01-18
7.5
None Remote Low Not required Partial Partial Partial
The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack.
39 CVE-2016-8605 275 2017-01-12 2017-01-18
5.0
None Remote Low Not required None Partial None
The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode argument would create directories as 0777. This is fixed in Guile 2.0.13. Prior versions are affected.
40 CVE-2016-8569 476 DoS 2017-02-03 2017-02-07
4.3
None Remote Medium Not required None None Partial
The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a cat-file command with a crafted object file.
41 CVE-2016-8568 125 DoS 2017-02-03 2017-02-07
4.3
None Remote Medium Not required None None Partial
The git_commit_message function in oid.c in libgit2 before 0.24.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a cat-file command with a crafted object file.
42 CVE-2016-7972 399 DoS 2017-03-03 2017-03-04
5.0
None Remote Low Not required None None Partial
The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors.
43 CVE-2016-7970 119 DoS Overflow 2017-03-03 2017-03-04
5.0
None Remote Low Not required None None Partial
Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors.
44 CVE-2016-7969 125 DoS 2017-03-03 2017-03-04
5.0
None Remote Low Not required None None Partial
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."
45 CVE-2016-7966 94 2016-12-23 2016-12-27
7.5
None Remote Low Not required Partial Partial Partial
Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTML functionality. Although it is possible to include an HTML comment indicator to hide content.
46 CVE-2016-7953 119 Overflow 2016-12-13 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
Buffer underflow in X.org libXvMC before 1.0.10 allows remote X servers to have unspecified impact via an empty string.
47 CVE-2016-7952 20 DoS 2016-12-13 2016-12-14
5.0
None Remote Low Not required None None Partial
X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the (1) XRecordStartOfData, (2) XRecordEndOfData, or (3) XRecordClientDied category without a client sequence and with attached data.
48 CVE-2016-7951 125 Overflow 2016-12-13 2016-12-14
7.5
None Remote Low Not required Partial Partial Partial
Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger out-of-bounds memory access operations by leveraging the lack of range checks.
49 CVE-2016-7950 787 2016-12-13 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
The XRenderQueryFilters function in X.org libXrender before 0.9.10 allows remote X servers to trigger out-of-bounds write operations via vectors involving filter name lengths.
50 CVE-2016-7949 787 Overflow 2016-12-13 2017-06-30
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.
Total number of vulnerabilities : 485   Page : 1 (This Page)2 3 4 5 6 7 8 9 10
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.