Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 31 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-12459
In certain Red Hat packages for Grafana 6.x up to and including 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
Grafana Grafana
Fedoraproject Fedora 31
Fedoraproject Fedora 32
6.5
CVSSv3
CVE-2020-13231
In Cacti prior to 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change.
Cacti Cacti
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7.5
CVSSv3
CVE-2020-24265
An issue exists in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
Broadcom Tcpreplay 4.3.3
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.5
CVSSv3
CVE-2020-24266
An issue exists in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
Broadcom Tcpreplay 4.3.3
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.8
CVSSv3
CVE-2019-13282
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an malicious user to use a cra...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
9.8
CVSSv3
CVE-2019-19010
Eval injection in the Math plugin of Limnoria (prior to 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged malicious users to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.
Limnoria Project Limnoria
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
9.8
CVSSv3
CVE-2019-18182
pacman prior to 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-co...
Pacman Project Pacman
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
9.8
CVSSv3
CVE-2019-18183
pacman prior to 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an attacker...
Pacman Project Pacman
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
7.5
CVSSv3
CVE-2019-14844
A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including 1.17.x, in the way a Kerberos client could crash the KDC by sending one of the RFC 4556 "enctypes". A remote unauthenticated user could use this flaw to crash the KDC.
Mit Kerberos 5
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
7.8
CVSSv3
CVE-2019-12957
In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an maliciou...
Glyphandcog Xpdfreader 4.01.01
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »