Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 32 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-12459
In certain Red Hat packages for Grafana 6.x up to and including 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
Grafana Grafana
Fedoraproject Fedora 31
Fedoraproject Fedora 32
5.4
CVSSv3
CVE-2021-20279
The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle prior to 3.10.2, 3.9.5, 3.8.8, 3.5.17.
Moodle Moodle
Fedoraproject Fedora 32
Fedoraproject Fedora 34
5.3
CVSSv3
CVE-2021-20281
It was possible for some users without permission to view other users' full names to do so via the online users block in moodle prior to 3.10.2, 3.9.5, 3.8.8, 3.5.17.
Moodle Moodle
Fedoraproject Fedora 32
Fedoraproject Fedora 34
7.8
CVSSv3
CVE-2020-28599
A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
Openscad Openscad
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.5
CVSSv3
CVE-2020-26890
Matrix Synapse prior to 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote malicious users to execute a denial of service attack against the federation and common Matrix clients. If such a malformed ...
Matrix Synapse
Fedoraproject Fedora 32
Fedoraproject Fedora 33
6.5
CVSSv3
CVE-2020-15117
In Synergy before version 1.12.0, a Synergy server can be crashed by receiving a kMsgHelloBack packet with a client name length set to 0xffffffff (4294967295) if the servers memory is less than 4 GB. It was verified that this issue does not cause a crash through the exception han...
Symless Synergy
Fedoraproject Fedora 32
Fedoraproject Fedora 33
7.5
CVSSv3
CVE-2021-22880
The PostgreSQL adapter in Active Record prior to 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too...
Rubyonrails Rails
Fedoraproject Fedora 32
Fedoraproject Fedora 33
1 Github repository
5.3
CVSSv3
CVE-2020-25703
The participants table download in Moodle always included user emails, but should have only done so when users' emails are not hidden. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5 and 3.7 to 3.7.8. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, and 3.10.
Moodle Moodle
Fedoraproject Fedora 32
Fedoraproject Fedora 33
5.3
CVSSv3
CVE-2021-20282
When creating a user account, it was possible to verify the account without having access to the verification email link/secret in moodle prior to 3.10.2, 3.9.5, 3.8.8, 3.5.17.
Moodle Moodle
Fedoraproject Fedora 32
Fedoraproject Fedora 34
6.5
CVSSv3
CVE-2020-25700
In moodle, some database module web services allowed students to add entries within groups they did not belong to. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and previous versions unsupported versions. This is fixed in moodle 3.8.6, 3.7.9, 3.5.15, ...
Moodle Moodle
Fedoraproject Fedora 32
Fedoraproject Fedora 33
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »