Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 31 vulnerabilities and exploits
(subscribe to this query)
694
VMScore
CVE-2020-7046
lib-smtp in submission-login and lmtp in Dovecot 2.3.9 prior to 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login infinite loop.
Dovecot Dovecot
Fedoraproject Fedora 30
Fedoraproject Fedora 31
357
VMScore
CVE-2019-10195
A flaw was found in IPA, all 4.6.x versions prior to 4.6.7, all 4.7.x versions prior to 4.7.4 and all 4.8.x versions prior to 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch...
Freeipa Freeipa
Fedoraproject Fedora 30
Fedoraproject Fedora 31
2 Github repositories
383
VMScore
CVE-2019-10218
A flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacke...
Samba Samba
Fedoraproject Fedora 29
Fedoraproject Fedora 31
605
VMScore
CVE-2019-19647
radare2 up to and including 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote malicious users to cause a denial of service (application crash) or possibly have unspeci...
Radare Radare2
Fedoraproject Fedora 30
Fedoraproject Fedora 31
187
VMScore
CVE-2020-12459
In certain Red Hat packages for Grafana 6.x up to and including 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
Grafana Grafana
Fedoraproject Fedora 31
Fedoraproject Fedora 32
605
VMScore
CVE-2020-15121
In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwn...
Radare Radare2
Fedoraproject Fedora 31
Fedoraproject Fedora 32
383
VMScore
CVE-2020-11054
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow (colors.statusbar.url.warn.fg). However, when the affected website was subsequently l...
Qutebrowser Qutebrowser
Fedoraproject Fedora 31
Fedoraproject Fedora 32
605
VMScore
CVE-2019-14867
A flaw was found in IPA, all 4.6.x versions prior to 4.6.7, all 4.7.x versions prior to 4.7.4 and all 4.8.x versions prior to 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated atta...
Freeipa Freeipa
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 Github repository
605
VMScore
CVE-2019-18887
An issue exists in Symfony 2.8.0 up to and including 2.8.50, 3.4.0 up to and including 3.4.34, 4.2.0 up to and including 4.2.11, and 4.3.0 up to and including 4.3.7. The UriSigner was subject to timing attacks. This is related to symfony/http-kernel.
Sensiolabs Symfony
Fedoraproject Fedora 30
Fedoraproject Fedora 31
445
VMScore
CVE-2019-19722
In Dovecot prior to 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group address as either the sender or the recipient.
Dovecot Dovecot
Fedoraproject Fedora 30
Fedoraproject Fedora 31
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »