Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 21 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2014-9328
ClamAV prior to 0.98.6 allows remote malicious users to have unspecified impact via a crafted upack packer file, related to a "heap out of bounds condition."
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Clamav Clamav
668
VMScore
CVE-2015-6816
ganglia-web prior to 3.7.1 allows remote malicious users to bypass authentication.
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Fedoraproject Fedora 21
Ganglia Ganglia-web
383
VMScore
CVE-2014-8488
Cross-site scripting (XSS) vulnerability in the administrator panel in Yourls 1.7 allows remote malicious users to inject arbitrary web script or HTML via a URL that is processed by the Shorten functionality.
Yourls Yourls 1.7
Fedoraproject Fedora 20
Fedoraproject Fedora 21
Fedoraproject Fedora 22
445
VMScore
CVE-2010-5304
A NULL pointer dereference flaw was found in the way LibVNCServer prior to 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client.
Libvncserver Project Libvncserver
Fedoraproject Fedora 19
Fedoraproject Fedora 20
Fedoraproject Fedora 21
641
VMScore
CVE-2014-7272
Simple Desktop Display Manager (SDDM) prior to 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race cond...
Sddm Project Sddm
Fedoraproject Fedora 20
Fedoraproject Fedora 21
409
VMScore
CVE-2014-7271
Simple Desktop Display Manager (SDDM) prior to 0.10.0 allows local users to log in as user "sddm" without authentication.
Sddm Project Sddm
Fedoraproject Fedora 20
Fedoraproject Fedora 21
383
VMScore
CVE-2015-4645
Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch allows remote malicious users to cause a denial of service (application crash) via a crafted input, which triggers a stack-based buffer overflow.
Squashfs Project Squashfs
Fedoraproject Fedora 21
Fedoraproject Fedora 22
445
VMScore
CVE-2015-4410
The Moped::BSON::ObjecId.legal? method in rubygem-moped before commit dd5a7c14b5d2e466f7875d079af71ad19774609b allows remote malicious users to cause a denial of service (worker resource consumption) or perform a cross-site scripting (XSS) attack via a crafted string.
Moped Project Moped -
Fedoraproject Fedora 21
Fedoraproject Fedora 22
516
VMScore
CVE-2015-0556
Open-source ARJ archiver 3.10.22 allows remote malicious users to conduct directory traversal attacks via a symlink attack in an ARJ archive.
Arj Software Arj Archiver
Fedoraproject Fedora 21
Fedoraproject Fedora 20
Fedoraproject Fedora 22
516
VMScore
CVE-2015-0557
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote malicious users to conduct absolute path traversal attacks and write to arbitrary files via multiple leading slashes in a path in an ARJ archive.
Arj Software Arj Archiver
Fedoraproject Fedora 22
Fedoraproject Fedora 21
Fedoraproject Fedora 20
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »