Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 26 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-12170
Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-r...
Pureftpd Pure-ftpd 1.0.46-1
Fedoraproject Fedora 27
Fedoraproject Fedora 26
5
CVSSv2
CVE-2018-6003
An issue exists in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 prior to 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS.
Gnu Libtasn1
Fedoraproject Fedora 26
Debian Debian Linux 9.0
Fedoraproject Fedora 27
4
CVSSv2
CVE-2017-12843
Cyrus IMAP prior to 3.0.3 allows remote authenticated users to write to arbitrary files via a crafted (1) SYNCAPPLY, (2) SYNCGET or (3) SYNCRESTORE command.
Cyrusimap Cyrus Imap
Fedoraproject Fedora 26
4.3
CVSSv2
CVE-2017-16876
Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune prior to 0.8.1 allows remote malicious users to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument.
Mistune Project Mistune
Fedoraproject Fedora 26
6.5
CVSSv2
CVE-2017-15365
sql/event_data_objects.cc in MariaDB prior to 10.1.30 and 10.2.x prior to 10.2.10 and Percona XtraDB Cluster prior to 5.6.37-26.21-3 and 5.7.x prior to 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data defin...
Fedoraproject Fedora 26
Mariadb Mariadb
Percona Xtradb Cluster
7.5
CVSSv2
CVE-2016-10243
TeX Live allows remote malicious users to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Fedoraproject Fedora 26
Fedoraproject Fedora 25
Tug Tex Live -
5
CVSSv2
CVE-2017-6362
Double free vulnerability in the gdImagePngPtr function in libgd2 prior to 2.2.5 allows remote malicious users to cause a denial of service via vectors related to a palette with no colors.
Libgd Libgd 2.2.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Fedoraproject Fedora 26
Canonical Ubuntu Linux 16.04
7.5
CVSSv2
CVE-2017-11462
Double free vulnerability in MIT Kerberos 5 (aka krb5) allows malicious users to have unspecified impact via vectors involving automatic deletion of security contexts on error.
Mit Kerberos 5 1.14
Mit Kerberos 5 1.14.1
Mit Kerberos 5 1.14.2
Mit Kerberos 5 1.14.3
Mit Kerberos 5 1.14.4
Mit Kerberos 5 1.14.5
Mit Kerberos 5 1.15
Mit Kerberos 5 1.15.1
Fedoraproject Fedora 26
Fedoraproject Fedora 25
5
CVSSv2
CVE-2019-14844
A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.
Mit Kerberos 5
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5
CVSSv2
CVE-2020-14148
The Server-Server protocol implementation in ngIRCd prior to 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.
Barton Ngircd 26.0
Barton Ngircd
Debian Debian Linux 8.0
Fedoraproject Fedora 31
Fedoraproject Fedora 32
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »