fedoraproject fedora 32 vulnerabilities and exploits

(subscribe to this query)

Out of bounds read in IPC in Google Chrome before 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

Google Chrome Fedoraproject Fedora 32 Fedoraproject Fedora 33 Fedoraproject Fedora 34

Insufficient validation of untrusted input in V8 in Google Chrome before 89.0.4389.128 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.

Google Chrome Fedoraproject Fedora 32 Fedoraproject Fedora 33 Fedoraproject Fedora 34

1 Metasploit module1 Github repository1 Article

A flaw was found in all resteasy 3.x.x versions before 3.12.0.Final and all resteasy 4.x.x versions before 4.6.0.Final, where an improper input validation results in returning an illegal header that integrates into the server's response. This flaw may result in an injection,...

Redhat Resteasy Fedoraproject Fedora 32 Fedoraproject Fedora 33

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwn...

Radare Radare2 Fedoraproject Fedora 31 Fedoraproject Fedora 32

Users' enrollment capabilities were not being sufficiently checked in Moodle when they are restored into an existing course. This could lead to them unenrolling users without having permission to do so. Versions affected: 3.5 to 3.5.14, 3.7 to 3.7.8, 3.8 to 3.8.5, 3.9 to 3.9...

Moodle Moodle Fedoraproject Fedora 32 Fedoraproject Fedora 33

In moodle, insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and previous versions unsupported versions. This...

Moodle Moodle Fedoraproject Fedora 32 Fedoraproject Fedora 33

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2,...

Moodle Moodle Fedoraproject Fedora 32 Fedoraproject Fedora 33

The participants table download in Moodle always included user emails, but should have only done so when users' emails are not hidden. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5 and 3.7 to 3.7.8. This is fixed in moodle 3.9.3, 3.8.6, 3.7.9, and 3.10.

Moodle Moodle Fedoraproject Fedora 32 Fedoraproject Fedora 33

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 ver...

Drupal Drupal Fedoraproject Fedora 32 Fedoraproject Fedora 33

In Cacti prior to 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change.

Cacti Cacti Fedoraproject Fedora 31 Fedoraproject Fedora 32

« PREV 1 2 3 4 5 6 7 8 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook