Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 24 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-4861
The (1) order and (2) group methods in Zend_Db_Select in the Zend Framework prior to 1.12.20 might allow remote malicious users to conduct SQL injection attacks by leveraging failure to remove comments from an SQL statement before validation.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Zend Zend Framework
7.5
CVSSv3
CVE-2016-7970
Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass prior to 0.13.4 allows remote malicious users to cause a denial of service via unspecified vectors.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Libass Project Libass
9.8
CVSSv3
CVE-2016-0729
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C prior to 3.1.3 allow remote malicious users to cause a denial of service (segmentation fault or memory corruption) or possibly execut...
Apache Xerces-c\\\\\\+\\\\\\+
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 24
9.8
CVSSv3
CVE-2016-8606
The REPL server (--listen) in GNU Guile 2.0.12 allows an malicious user to execute arbitrary code via an HTTP inter-protocol attack.
Gnu Guile 2.0.12
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
7.5
CVSSv3
CVE-2016-4021
The read_binary function in buffer.c in pgpdump prior to 0.30 allows context-dependent malicious users to cause a denial of service (infinite loop and CPU consumption) via crafted input, as demonstrated by the \xa3\x03 string.
Fedoraproject Fedora 23
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Pgpdump Project Pgpdump
7.5
CVSSv3
CVE-2016-3071
Libreswan 3.16 might allow remote malicious users to cause a denial of service (daemon restart) via an IKEv2 aes_xcbc transform.
Libreswan Libreswan 3.16
Fedoraproject Fedora 23
Fedoraproject Fedora 24
5.5
CVSSv3
CVE-2016-8887
The jp2_colr_destroy function in libjasper/jp2/jp2_cod.c in JasPer prior to 1.900.10 allows remote malicious users to cause a denial of service (NULL pointer dereference).
Jasper Project Jasper
Fedoraproject Fedora 24
Fedoraproject Fedora 23
1 Github repository
7.8
CVSSv3
CVE-2016-6299
The scm plug-in in mock might allow malicious users to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Mock Project Scm Plugin -
7.8
CVSSv3
CVE-2015-8106
Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf prior to 2.3.10 allows remote malicious users to execute arbitrary code via format string specifiers in the \keywords command in a crafted TeX file.
Latex2rtf Project Latex2rtf 2.3.8
Fedoraproject Fedora 23
Fedoraproject Fedora 24
Fedoraproject Fedora 22
5.5
CVSSv3
CVE-2016-8884
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote malicious users to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CV...
Jasper Project Jasper 1.900.5
Fedoraproject Fedora 24
Fedoraproject Fedora 23
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »