fedoraproject fedora 21 vulnerabilities and exploits
NA
CVE-2015-1827
The get_user_grouplist function in the extdom plug-in in FreeIPA prior to 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote malicious users to cause a denial of service (crash) via a group list request for a user that belongs to a large ...
Freeipa Freeipa
Fedoraproject Fedora 22
Fedoraproject Fedora 21
7.5
CVSSv3
CVE-2010-5304
A NULL pointer dereference flaw was found in the way LibVNCServer prior to 0.9.9 handled certain ClientCutText messages. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
Libvncserver Project Libvncserver
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Fedoraproject Fedora 21
NA
CVE-2014-8488
Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote malicious users to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality.
Yourls Yourls 1.7
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Fedoraproject Fedora 22
9.8
CVSSv3
CVE-2015-6816
ganglia-web prior to 3.7.1 allows remote malicious users to bypass authentication.
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Ganglia Ganglia-web
7.8
CVSSv3
CVE-2014-7271
Simple Desktop Display Manager (SDDM) prior to 0.10.0 allows local users to log in as user "sddm" without authentication.
Sddm Project Sddm
Fedoraproject Fedora 20
Fedoraproject Fedora 21
7.5
CVSSv3
CVE-2015-4410
The Moped::BSON::ObjectId.legal? method in rubygem-moped before commit dd5a7c14b5d2e466f7875d079af71ad19774609b allows remote malicious users to cause a denial of service (worker resource consumption) or perform a cross-site scripting (XSS) attack via a crafted string.
Moped Project Moped -
Fedoraproject Fedora 21
Fedoraproject Fedora 22
5.5
CVSSv3
CVE-2015-4645
Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote malicious users to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow.
Squashfs Project Squashfs
Fedoraproject Fedora 21
Fedoraproject Fedora 22
7.8
CVSSv3
CVE-2014-7272
Simple Desktop Display Manager (SDDM) prior to 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race cond...
Sddm Project Sddm
Fedoraproject Fedora 20
Fedoraproject Fedora 21
NA
CVE-2015-0556
Open-source ARJ archiver 3.10.22 allows remote malicious users to conduct directory traversal attacks via a symlink attack in an ARJ archive.
Arj Software Arj Archiver
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Fedoraproject Fedora 22
NA
CVE-2015-0557
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote malicious users to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.
Arj Software Arj Archiver
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Fedoraproject Fedora 20