Filtered by vendor Fedoraproject
Subscriptions
Filtered by product Fedora
Subscriptions
Total
5368 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-8693 | 4 Fedoraproject, Jasper Project, Opensuse and 1 more | 4 Fedora, Jasper, Opensuse and 1 more | 2025-04-20 | N/A |
| Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command. | ||||
| CVE-2016-5178 | 5 Debian, Fedoraproject, Google and 2 more | 8 Debian Linux, Fedora, Chrome and 5 more | 2025-04-20 | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
| CVE-2015-6816 | 2 Fedoraproject, Ganglia | 2 Fedora, Ganglia-web | 2025-04-20 | N/A |
| ganglia-web before 3.7.1 allows remote attackers to bypass authentication. | ||||
| CVE-2015-5705 | 2 Devscripts Devel Team, Fedoraproject | 2 Devscripts, Fedora | 2025-04-20 | N/A |
| Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename. | ||||
| CVE-2015-5607 | 2 Fedoraproject, Ipython | 2 Fedora, Ipython | 2025-04-20 | N/A |
| Cross-site request forgery in the REST API in IPython 2 and 3. | ||||
| CVE-2016-5177 | 5 Debian, Fedoraproject, Google and 2 more | 8 Debian Linux, Fedora, Chrome and 5 more | 2025-04-20 | N/A |
| Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. | ||||
| CVE-2015-5258 | 2 Fedoraproject, Vmware | 2 Fedora, Spring Social | 2025-04-20 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability in springframework-social before 1.1.3. | ||||
| CVE-2015-7977 | 9 Canonical, Debian, Fedoraproject and 6 more | 13 Ubuntu Linux, Debian Linux, Fedora and 10 more | 2025-04-20 | 5.9 Medium |
| ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command. | ||||
| CVE-2015-5070 | 2 Fedoraproject, Wesnoth | 2 Fedora, Battle For Wesnoth | 2025-04-20 | N/A |
| The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5069. | ||||
| CVE-2015-1395 | 3 Canonical, Fedoraproject, Gnu | 3 Ubuntu Linux, Fedora, Patch | 2025-04-20 | N/A |
| Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name. | ||||
| CVE-2016-2090 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2025-04-20 | 9.8 Critical |
| Off-by-one vulnerability in the fgetwln function in libbsd before 0.8.2 allows attackers to have unspecified impact via unknown vectors, which trigger a heap-based buffer overflow. | ||||
| CVE-2015-5704 | 2 Devscripts Devel Team, Fedoraproject | 2 Devscripts, Fedora | 2025-04-20 | N/A |
| scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell commands. | ||||
| CVE-2016-4796 | 2 Fedoraproject, Uclouvain | 2 Fedora, Openjpeg | 2025-04-20 | N/A |
| Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file. | ||||
| CVE-2015-8567 | 6 Canonical, Debian, Fedoraproject and 3 more | 10 Ubuntu Linux, Debian Linux, Fedora and 7 more | 2025-04-20 | 7.7 High |
| Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). | ||||
| CVE-2015-8008 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2025-04-20 | N/A |
| The OAuth extension for MediaWiki improperly negotiates a new client token only over Special:OAuth/initiate, which allows attackers to bypass intended IP address access restrictions by making an API request with an existing token. | ||||
| CVE-2015-1839 | 2 Fedoraproject, Saltstack | 2 Fedora, Salt | 2025-04-20 | N/A |
| modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. | ||||
| CVE-2017-11368 | 3 Fedoraproject, Mit, Redhat | 4 Fedora, Kerberos, Kerberos 5 and 1 more | 2025-04-20 | N/A |
| In MIT Kerberos 5 (aka krb5) 1.7 and later, an authenticated attacker can cause a KDC assertion failure by sending invalid S4U2Self or S4U2Proxy requests. | ||||
| CVE-2016-7970 | 2 Fedoraproject, Libass Project | 2 Fedora, Libass | 2025-04-20 | N/A |
| Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass before 0.13.4 allows remote attackers to cause a denial of service via unspecified vectors. | ||||
| CVE-2016-7972 | 3 Fedoraproject, Libass Project, Opensuse | 4 Fedora, Libass, Leap and 1 more | 2025-04-20 | N/A |
| The check_allocations function in libass/ass_shaper.c in libass before 0.13.4 allows remote attackers to cause a denial of service (memory allocation failure) via unspecified vectors. | ||||
| CVE-2015-3405 | 7 Debian, Fedoraproject, Ntp and 4 more | 14 Debian Linux, Fedora, Ntp and 11 more | 2025-04-20 | N/A |
| ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys. | ||||