Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 28 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-20406
Modules/_pickle.c in Python prior to 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing t...
Python Python
Debian Debian Linux 8.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
6.8
CVSSv2
CVE-2018-1000877
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0...
Libarchive Libarchive
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
6.8
CVSSv2
CVE-2018-1000878
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible. This...
Libarchive Libarchive
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Opensuse Leap 15.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
4.3
CVSSv2
CVE-2018-1000879
libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS. This attack appear to b...
Libarchive Libarchive
Opensuse Leap 15.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
6.4
CVSSv2
CVE-2018-1000852
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memo...
Freerdp Freerdp 2.0.0
Freerdp Freerdp
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 28
Canonical Ubuntu Linux 19.10
Canonical Ubuntu Linux 20.04
5.8
CVSSv2
CVE-2018-19790
An open redirect exists in Symfony 2.7.x prior to 2.7.50, 2.8.x prior to 2.8.49, 3.x prior to 3.4.20, 4.0.x prior to 4.0.15, 4.1.x prior to 4.1.9 and 4.2.x prior to 4.2.1. By using backslashes in the `_failure_path` input field of login forms, an attacker can work around the redi...
Sensiolabs Symfony
Fedoraproject Fedora 28
Debian Debian Linux 8.0
5
CVSSv2
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted i...
Python Urllib3
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
6.8
CVSSv2
CVE-2018-20004
An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by testmxml...
Mini-xml Project Mini-xml 2.12
Debian Debian Linux 8.0
Fedoraproject Fedora 28
Fedoraproject Fedora 29
4.3
CVSSv2
CVE-2018-20005
An issue has been found in Mini-XML (aka mxml) 2.12. It is a use-after-free in mxmlWalkNext in mxml-search.c, as demonstrated by mxmldoc.
Msweet Mini-xml 2.12
Fedoraproject Fedora 28
Fedoraproject Fedora 29
5
CVSSv2
CVE-2018-19591
In the GNU C Library (aka glibc or libc6) up to and including 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function.
Gnu Glibc
Fedoraproject Fedora 28
Fedoraproject Fedora 29
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »