Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 31 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-11054
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow (colors.statusbar.url.warn.fg). However, when the affected website was subsequently l...
Qutebrowser Qutebrowser
Fedoraproject Fedora 31
Fedoraproject Fedora 32
4.3
CVSSv2
CVE-2020-13231
In Cacti prior to 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change.
Cacti Cacti
Fedoraproject Fedora 31
Fedoraproject Fedora 32
5
CVSSv2
CVE-2019-16865
An issue exists in Pillow prior to 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image.
Python Pillow
Fedoraproject Fedora 30
Fedoraproject Fedora 31
4.3
CVSSv2
CVE-2020-16145
Roundcube Webmail prior to 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15.
Roundcube Webmail
Fedoraproject Fedora 31
Fedoraproject Fedora 32
6.4
CVSSv2
CVE-2020-12740
tcprewrite in Tcpreplay up to and including 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c.
Broadcom Tcpreplay
Fedoraproject Fedora 31
Fedoraproject Fedora 32
4.3
CVSSv2
CVE-2020-6750
GSocketClient in GNOME GLib up to and including 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically...
Gnome Glib
Fedoraproject Fedora 30
Fedoraproject Fedora 31
4
CVSSv2
CVE-2019-10195
A flaw was found in IPA, all 4.6.x versions prior to 4.6.7, all 4.7.x versions prior to 4.7.4 and all 4.8.x versions prior to 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch...
Freeipa Freeipa
Fedoraproject Fedora 30
Fedoraproject Fedora 31
2 Github repositories
7.5
CVSSv2
CVE-2017-9105
An issue exists in adns prior to 1.5.2. It corrupts a pointer when a nameserver speaks first because of a wrong number of pointer dereferences. This bug may well be exploitable as a remote code execution.
Gnu Adns
Fedoraproject Fedora 31
Fedoraproject Fedora 32
5
CVSSv2
CVE-2017-9107
An issue exists in adns prior to 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with \, and adns_qf_quoteok_query was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. ...
Gnu Adns
Fedoraproject Fedora 31
Fedoraproject Fedora 32
5
CVSSv2
CVE-2017-9106
An issue exists in adns prior to 1.5.2. adns_rr_info mishandles a bogus *datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun (depending on the si...
Gnu Adns
Fedoraproject Fedora 31
Fedoraproject Fedora 32
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »