fedoraproject fedora 28 vulnerabilities and exploits

(subscribe to this query)

Checkstyle prior to 8.18 loads external DTDs by default.

Checkstyle Checkstyle Debian Debian Linux 8.0 Fedoraproject Fedora 28 Fedoraproject Fedora 29

An issue exists in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file.

Fedoraproject Fedora 28 Fedoraproject Fedora 29 Gsi-openssh Project Gsi-openssh 7.9

In Drupal 7 versions before 7.65; Drupal 8.6 versions before 8.6.13;Drupal 8.5 versions before 8.5.14. Under certain circumstances the File module/subsystem allows a malicious user to upload a file that can trigger a cross-site scripting (XSS) vulnerability.

Drupal Drupal Debian Debian Linux 8.0 Fedoraproject Fedora 28 Fedoraproject Fedora 29

An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd proc...

W1.fi Hostapd W1.fi Wpa Supplicant Fedoraproject Fedora 28 Fedoraproject Fedora 29 Fedoraproject Fedora 30

The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an malicious user to complete EAP-PWD authentication without knowing the password. However, unless the cr...

W1.fi Hostapd W1.fi Wpa Supplicant Fedoraproject Fedora 28 Fedoraproject Fedora 29 Fedoraproject Fedora 30

Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.

Freedesktop Poppler 0.74.0 Fedoraproject Fedora 28 Fedoraproject Fedora 29 Fedoraproject Fedora 30 Debian Debian Linux 8.0

In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.

Nasa Cfitsio 3.42 Fedoraproject Fedora 28

Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in process_connection() when parsing specially crafted HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending malicious HTTP request to cause denial of service to o...

Openwsman Project Openwsman Fedoraproject Fedora 28 Fedoraproject Fedora 29 Fedoraproject Fedora 30 Opensuse Leap 15.0 Opensuse Leap 42.3

1 Article

It exists in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.

Gnu Gnutls Fedoraproject Fedora 28 Opensuse Leap 15.0

An issue has been found in Mini-XML (aka mxml) 2.12. It is a stack-based buffer overflow in mxml_write_node in mxml-file.c via vectors involving a double-precision floating point number and the '<order type="real">' substring, as demonstrated by testmxml...

Mini-xml Project Mini-xml 2.12 Debian Debian Linux 8.0 Fedoraproject Fedora 28 Fedoraproject Fedora 29

« PREV 1 2 3 4 5 6 7 8 9 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook