fedoraproject fedora 20 vulnerabilities and exploits

(subscribe to this query)

The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel up to and including 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system ...

Linux Linux Kernel Fedoraproject Fedora 20 Oracle Linux 5

visionmedia send prior to 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote malicious users to access restricted directories, as demonstrated using "public-restricted" under a "public"...

Fedoraproject Fedora 19 Fedoraproject Fedora 20 Fedoraproject Fedora 21 Apple Xcode 7.0 Joyent Node.js Joyent Node.js 0.8.0 Joyent Node.js 0.8.1 Joyent Node.js 0.8.2

2 Github repositories

lib/graph_export.php in Cacti 0.8.7g, 0.8.8b, and previous versions allows remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors.

Cacti Cacti Fedoraproject Fedora 19 Fedoraproject Fedora 20 Opensuse Opensuse 13.1 Opensuse Opensuse 13.2 Debian Debian Linux 7.0

An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board prior to 1.7.15 when parsing JSON requests.

Python Software Foundation; Beanbag Djblets Python Software Foundation; Beanbag Review Board Reviewboard Djblets 0.7.21 Reviewboard Review Board Fedoraproject Fedora 18 Fedoraproject Fedora 19 Fedoraproject Fedora 20 Redhat Enterprise Linux 6.0

Trusted Boot (tboot) prior to 1.8.2 has a 'loader.c' Security Bypass Vulnerability

Trusted Boot Project Trusted Boot Redhat Enterprise Linux 6.0 Redhat Enterprise Linux 7.0 Fedoraproject Fedora 19 Fedoraproject Fedora 20

Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.

Fedoraproject Fedora 19 Fedoraproject Fedora 20 Opensuse Opensuse 13.1 Opensuse Opensuse 13.2 Cacti Cacti 0.8.7g Debian Debian Linux 7.0

(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy prior to 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.

Numpy Numpy Numpy Numpy 1.8.1 Fedoraproject Fedora 19 Fedoraproject Fedora 20 Redhat Enterprise Linux 6.0 Redhat Enterprise Linux 7.0

Directory traversal vulnerability in GNU patch versions which support Git-style patching prior to 2.7.3 allows remote malicious users to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.

Fedoraproject Fedora 20 Fedoraproject Fedora 21 Canonical Ubuntu Linux 12.04 Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 14.10 Gnu Patch

The scipy.weave component in SciPy prior to 0.12.1 creates insecure temporary directories.

Scipy Scipy Fedoraproject Fedora 18 Fedoraproject Fedora 19 Fedoraproject Fedora 20 Redhat Enterprise Linux 6.0 Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0

Chrony prior to 1.29.1 has traffic amplification in cmdmon protocol

Chrony Chrony Chrony Project Chrony Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0 Fedoraproject Fedora 19 Fedoraproject Fedora 20

« PREV 1 2 3 4 5 6 7 8 9 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook