Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted i...
Python Urllib3
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
NA
CVE-2012-3354
doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain PHP error levels are set, allows remote malicious users to obtain sensitive information via the prefix parameter, which reveals the installation path in an error message.
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Dokuwiki Dokuwiki -
Fedoraproject Fedora 16
6.1
CVSSv3
CVE-2015-2793
Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki prior to 3.20150329 allows remote malicious users to inject arbitrary web script or HTML via the openid_identifier parameter in a verify action to ikiwiki.cgi.
Ikiwiki Ikiwiki
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
7.5
CVSSv3
CVE-2022-24778
The imgcrypt library provides API exensions for containerd to support encrypted container images and implements the ctd-decoder command line tool for use by containerd to decrypt encrypted container images. The imgcrypt function `CheckAuthorization` is supposed to check whether t...
Linuxfoundation Imgcrypt
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv3
CVE-2021-27921
Pillow prior to 8.1.1 allows malicious users to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for a BLP container, and thus an attempted memory allocation can be very large.
Python Pillow
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.5
CVSSv3
CVE-2021-27922
Pillow prior to 8.1.1 allows malicious users to cause a denial of service (memory consumption) because the reported size of a contained image is not properly checked for an ICNS container, and thus an attempted memory allocation can be very large.
Python Pillow
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.5
CVSSv3
CVE-2022-3204
A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The NRDelegation Attack works by having a malicious delegation with a considerable number of non responsive nameservers. The attack star...
Nlnetlabs Unbound
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
7.5
CVSSv3
CVE-2022-32081
MariaDB v10.4 to v10.7 exists to contain an use-after-poison in prepare_inplace_add_virtual at /storage/innobase/handler/handler0alter.cc.
Mariadb Mariadb
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
7.5
CVSSv3
CVE-2022-32082
MariaDB v10.5 to v10.7 exists to contain an assertion failure at table->get_ref_count() == 0 in dict0dict.cc.
Mariadb Mariadb
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
7.5
CVSSv3
CVE-2022-32089
MariaDB v10.5 to v10.7 exists to contain a segmentation fault via the component st_select_lex_unit::exclude_level.
Mariadb Mariadb
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »