CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Fedoraproject : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-8386 264 +Priv 2017-06-01 2017-06-30
6.5
None Remote Low Single system Partial Partial Partial
git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.
2 CVE-2017-5884 118 Exec Code 2017-02-28 2017-03-02
6.8
None Remote Medium Not required Partial Partial Partial
gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile.
3 CVE-2017-5330 78 Exec Code 2017-03-27 2017-03-31
6.8
None Remote Medium Not required Partial Partial Partial
ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications.
4 CVE-2016-9014 264 2016-12-09 2017-11-03
6.8
None Remote Medium Not required Partial Partial Partial
Django before 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3, when settings.DEBUG is True, allow remote attackers to conduct DNS rebinding attacks by leveraging failure to validate the HTTP Host header against settings.ALLOWED_HOSTS.
5 CVE-2016-8693 415 DoS Exec Code 2017-02-15 2017-11-03
6.8
None Remote Medium Not required Partial Partial Partial
Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
6 CVE-2016-7163 125 Exec Code Overflow 2016-09-21 2016-09-21
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
7 CVE-2016-5766 190 DoS Overflow 2016-08-07 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.
8 CVE-2016-5386 284 2016-07-18 2017-08-24
6.8
None Remote Medium Not required Partial Partial Partial
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
9 CVE-2016-5177 416 DoS 2017-05-23 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors.
10 CVE-2016-5157 119 Exec Code Overflow 2016-09-11 2017-11-05
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data.
11 CVE-2016-4002 119 DoS Exec Code Overflow Mem. Corr. 2016-04-26 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the mipsnet_receive function in hw/net/mipsnet.c in QEMU, when the guest NIC is configured to accept large packets, allows remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes.
12 CVE-2016-3630 19 Exec Code 2016-04-13 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.
13 CVE-2016-3069 20 Exec Code 2016-04-13 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
14 CVE-2016-3068 20 Exec Code 2016-04-13 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
15 CVE-2016-1521 119 DoS Exec Code Overflow +Info 2016-02-12 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
The directrun function in directmachine.cpp in Libgraphite in Graphite 2 1.2.4, as used in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.6.1, does not validate a certain skip operation, which allows remote attackers to execute arbitrary code, obtain sensitive information, or cause a denial of service (out-of-bounds read and application crash) via a crafted Graphite smart font.
16 CVE-2016-0720 352 CSRF 2017-04-21 2017-04-27
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149.
17 CVE-2015-8869 119 Overflow +Info 2016-06-13 2017-06-30
6.4
None Remote Low Not required Partial None Partial
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
18 CVE-2015-8837 119 DoS Exec Code Overflow 2016-03-30 2016-08-03
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file.
19 CVE-2015-8836 119 DoS Overflow 2016-03-30 2017-02-19
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ZF block size in an ISO file, leading to a heap-based buffer overflow.
20 CVE-2015-8776 189 DoS +Info 2016-04-19 2017-06-30
6.4
None Remote Low Not required Partial None Partial
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
21 CVE-2015-8567 399 DoS 2017-04-13 2017-04-20
6.8
None Remote Low Single system None None Complete
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
22 CVE-2015-8370 264 DoS Mem. Corr. Bypass +Info 2015-12-16 2016-12-07
6.9
None Local Medium Not required Complete Complete Complete
Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get function in grub-core/normal/auth.c or the (2) grub_password_get function in lib/crypto.c, which trigger an "Off-by-two" or "Out of bounds overwrite" memory error.
23 CVE-2015-7222 189 DoS Exec Code Overflow 2015-12-16 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory allocation and application crash) via an MP4 video file with crafted covr metadata that triggers a buffer overflow.
24 CVE-2015-7216 20 DoS 2015-12-16 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JPEG 2000 image.
25 CVE-2015-7213 189 Exec Code Overflow 2015-12-16 2017-03-23
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote attackers to execute arbitrary code via a crafted MP4 video file that triggers a buffer overflow.
26 CVE-2015-7204 17 Exec Code 2015-12-16 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments.
27 CVE-2015-5607 352 CSRF 2017-09-20 2017-10-05
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery in the REST API in IPython 2 and 3.
28 CVE-2015-5400 264 Bypass 2015-09-28 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.
29 CVE-2015-5292 399 DoS 2015-10-29 2016-12-07
6.8
None Remote Low Single system None None Complete
Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication.
30 CVE-2015-5258 352 CSRF 2017-08-22 2017-08-25
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in springframework-social before 1.1.3.
31 CVE-2015-5234 20 Bypass 2015-10-09 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
32 CVE-2015-4588 119 DoS Exec Code Overflow 2015-07-01 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.
33 CVE-2015-4491 189 DoS Exec Code Overflow 2015-08-15 2016-12-23
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling.
34 CVE-2015-1860 119 DoS Exec Code Overflow 2015-05-12 2016-12-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a crafted GIF image.
35 CVE-2015-1859 119 DoS Exec Code Overflow 2015-05-12 2016-12-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in plugins/imageformats/ico/qicohandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted ICO image.
36 CVE-2015-1858 119 DoS Exec Code Overflow 2015-05-12 2016-12-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in gui/image/qbmphandler.cpp in the QtBase module in Qt before 4.8.7 and 5.x before 5.4.2 allow remote attackers to cause a denial of service (segmentation fault and crash) and possibly execute arbitrary code via a crafted BMP image.
37 CVE-2015-1782 20 DoS 2015-03-13 2017-01-02
6.8
None Remote Medium Not required Partial Partial Partial
The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.
38 CVE-2015-1774 119 DoS Exec Code Overflow 2015-04-28 2017-01-02
6.8
None Remote Medium Not required Partial Partial Partial
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
39 CVE-2015-1464 284 2015-03-09 2015-10-27
6.4
None Remote Low Not required Partial Partial None
RT (aka Request Tracker) before 4.0.23 and 4.2.x before 4.2.10 allows remote attackers to hijack sessions via an RSS feed URL.
40 CVE-2015-0848 119 DoS Exec Code Overflow 2015-07-01 2017-09-21
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.
41 CVE-2014-9669 125 DoS Overflow Mem. Corr. 2015-02-08 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table.
42 CVE-2014-9667 119 DoS Overflow 2015-02-08 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted SFNT table.
43 CVE-2014-9666 189 DoS Overflow 2015-02-08 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap.
44 CVE-2014-9664 119 DoS Overflow 2015-02-08 2017-06-30
6.8
None Remote Medium Not required Partial Partial Partial
FreeType before 2.5.4 does not check for the end of the data during certain parsing actions, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted Type42 font, related to type42/t42parse.c and type1/t1load.c.
45 CVE-2014-8630 77 Exec Code 2015-02-01 2017-01-02
6.5
None Remote Low Single system Partial Partial Partial
Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x before 5.0rc1 allows remote authenticated users to execute arbitrary commands by leveraging the editcomponents privilege and triggering crafted input to a two-argument Perl open call, as demonstrated by shell metacharacters in a product name.
46 CVE-2014-7154 362 DoS 2014-10-02 2017-01-02
6.1
None Local Network Low Not required None None Complete
Race condition in HVMOP_track_dirty_vram in Xen 4.0.0 through 4.4.x does not ensure possession of the guarding lock for dirty video RAM tracking, which allows certain local guest domains to cause a denial of service via unspecified vectors.
47 CVE-2014-6055 119 DoS Exec Code Overflow 2014-09-30 2017-09-07
6.5
None Remote Low Single system Partial Partial Partial
Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message.
48 CVE-2014-4909 189 DoS Exec Code Overflow 2014-07-29 2014-11-13
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the tr_bitfieldEnsureNthBitAlloced function in bitfield.c in Transmission before 2.84 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted peer message, which triggers an out-of-bounds write.
49 CVE-2014-4668 287 Bypass 2014-07-02 2017-01-02
6.8
None Remote Medium Not required Partial Partial Partial
The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password.
50 CVE-2014-2328 Exec Code 2014-04-23 2016-12-21
6.5
None Remote Low Single system Partial Partial Partial
lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors.
Total number of vulnerabilities : 66   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.