Vulmon
Recent Vulnerabilities
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
By Recent Activity
fedora vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-3252
Stack-based buffer overflow in the read_article function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period....
Fedora
Newsx
4.3
CVSSv2
CVE-2015-3983
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. NOTE: this issue was SPLIT from CVE-2015-1848 per...
Fedora
Pacemaker Configuration System
4.6
CVSSv2
CVE-2012-4480
mom creates world-writable pid files in /var/run...
Fedoraproject
Fedora
5
CVSSv2
CVE-2019-5885
Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users....
Fedoraproject
Fedora
6.2
CVSSv2
CVE-2010-0746
Directory traversal vulnerability in DeviceKit-disks in DeviceKit, as used in Fedora 11 and 12 and possibly other operating systems, allows local users to gain privileges via .. (dot dot) sequences in the label for a pluggable storage device....
Fedoraproject
Fedora
6.4
CVSSv2
CVE-2020-10543
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow....
Fedoraproject
Fedora
7.5
CVSSv2
CVE-2019-19010
Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands....
Fedoraproject
Fedora
4.3
CVSSv2
CVE-2019-9844
simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows XSS via a data: or vbscript: URI....
Fedoraproject
Fedora
3.6
CVSSv2
CVE-2013-0159
The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg....
Fedoraproject
Fedora
10
CVSSv2
CVE-2020-1747
A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process...
Fedoraproject
Fedora
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
xorg-server
firecracker
CVE-2020-15943
CVE-2020-13379
ram disk
CVE-2020-17352
code execution
CVE-2020-3434
log injection
CVE-2020-5412
pghero project
XPath injection
CVE-2020-16215
1
2
3
4
5
6
NEXT »
Vulmon