Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedora vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-0117
Policy bypass in Blink in Google Chrome before 97.0.4692.71 allowed a remote malicious user to leak cross-origin data via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
4.3
CVSSv3
CVE-2022-0118
Inappropriate implementation in WebShare in Google Chrome before 97.0.4692.71 allowed a remote malicious user to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv3
CVE-2013-4410
ReviewBoard: has an access-control problem in REST API
Reviewboard Reviewboard
Fedoraproject Fedora 18
Fedoraproject Fedora 19
Fedoraproject Fedora 20
4.3
CVSSv3
CVE-2013-4411
Review Board: URL processing gives unauthorized users access to review lists
Reviewboard Reviewboard
Fedoraproject Fedora 18
Fedoraproject Fedora 19
Fedoraproject Fedora 20
6.5
CVSSv3
CVE-2019-14664
In Enigmail below 2.1, an attacker in possession of PGP encrypted emails can wrap them as sub-parts within a crafted multipart email. The encrypted part(s) can further be hidden using HTML/CSS or ASCII newline characters. This modified multipart email can be re-sent by the malici...
Enigmail Enigmail
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7.8
CVSSv3
CVE-2019-14745
In radare2 prior to 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's possible to execute arbitrary shell commands with the permissions of the victim. This vulnerability is due to improper handling ...
Radare Radare2
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
5.9
CVSSv3
CVE-2021-40530
The ElGamal implementation in Crypto++ up to and including 8.5 allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver&...
Cryptopp Crypto\\+\\+
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
8.8
CVSSv3
CVE-2021-21206
Use after free in Blink in Google Chrome before 89.0.4389.128 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
6.5
CVSSv3
CVE-2019-12922
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
Phpmyadmin Phpmyadmin
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 EDB exploit
9.8
CVSSv3
CVE-2022-24883
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). Prior to version 2.7.0, server side authentication against a `SAM` file might be successful for invalid credentials if the server has configured an invalid `SAM` file path. FreeRDP based clients are not affect...
Freerdp Freerdp
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »