fedoraproject fedora 29 vulnerabilities and exploits

(subscribe to this query)

6.5

CVSSv3

A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page....

Phpmyadmin Phpmyadmin Fedoraproject Fedora 29 Fedoraproject Fedora 30 Fedoraproject Fedora 311 EDB exploit available2 Github repositories available

7.5

CVSSv3

The html package (aka x/net/html) through 2018-09-17 in Go mishandles <math><template><mo><template>, leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call....

Golang Net Fedoraproject Fedora 29 Fedoraproject Fedora 28

7.5

CVSSv3

The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call....

Golang Net Fedoraproject Fedora 29 Fedoraproject Fedora 28

6.5

CVSSv3

A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An...

Samba Samba Fedoraproject Fedora 29 Fedoraproject Fedora 311 Github repository available

9.8

CVSSv3

In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding....

Putty Putty Fedoraproject Fedora 28 Fedoraproject Fedora 291 Github repository available

7.8

CVSSv3

In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lang.c mishandles changing context. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact (invalid memory access in r_egg_lang_parsechar; invalid...

Radare Radare2 Fedoraproject Fedora 29 Fedoraproject Fedora 30

7.5

CVSSv3

A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC....

Mit Kerberos 5 Fedoraproject Fedora 29 Fedoraproject Fedora 30 Fedoraproject Fedora 31

6.5

CVSSv3

FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc....

Freedesktop Poppler 0.75.0 Fedoraproject Fedora 28 Fedoraproject Fedora 29 Fedoraproject Fedora 30

7.8

CVSSv3

An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference occurred in the function get_ipv6_l4proto() located at get.c. This can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service...

Broadcom Tcpreplay 4.3.1 Fedoraproject Fedora 28 Fedoraproject Fedora 29 Fedoraproject Fedora 30 Fedoraproject Fedora 31 Fedoraproject Fedora 32

7.8

CVSSv3

In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to improper handling...

Radare Radare2 Fedoraproject Fedora 29 Fedoraproject Fedora 30 Fedoraproject Fedora 315 Github repositories available

Get Started

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook