Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedora vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2015-8008
The OAuth extension for MediaWiki improperly negotiates a new client token only over Special:OAuth/initiate, which allows malicious users to bypass intended IP address access restrictions by making an API request with an existing token.
Mediawiki Mediawiki
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Fedoraproject Fedora 22
187
VMScore
CVE-2013-1888
pip prior to 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory.
Pypa Pip
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Fedoraproject Fedora 19
383
VMScore
CVE-2015-2665
Cross-site scripting (XSS) vulnerability in Cacti prior to 0.8.8d allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Cacti Cacti
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Fedoraproject Fedora 23
383
VMScore
CVE-2015-2793
Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki prior to 3.20150329 allows remote malicious users to inject arbitrary web script or HTML via the openid_identifier parameter in a verify action to ikiwiki.cgi.
Ikiwiki Ikiwiki
Fedoraproject Fedora 22
Fedoraproject Fedora 20
Fedoraproject Fedora 21
445
VMScore
CVE-2021-29063
A Regular Expression Denial of Service (ReDOS) vulnerability exists in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called.
Mpmath Mpmath
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
445
VMScore
CVE-2018-20060
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme). This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted i...
Python Urllib3
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
446
VMScore
CVE-2019-19886
Trustwave ModSecurity 3.0.0 up to and including 3.0.3 allows an malicious user to send crafted requests that may, when sent quickly in large volumes, lead to the server becoming slow or unresponsive (Denial of Service) because of a flaw in Transaction::addRequestHeader in transac...
Trustwave Modsecurity
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
445
VMScore
CVE-2021-29424
The Net::Netmask module prior to 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows malicious users to bypass access control that is based on IP addresses.
Net\\ \\ Netmask Project
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
392
VMScore
CVE-2021-22004
An issue exists in SaltStack Salt prior to 3003.3. The salt minion installer will accept and use a minion config file at C:\salt\conf if that file is in place before the installer is run. This allows for a malicious actor to subvert the proper behaviour of the given minion softwa...
Saltstack Salt
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
585
VMScore
CVE-2019-12922
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
Phpmyadmin Phpmyadmin
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »