CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Fedoraproject : Security Vulnerabilities (CVSS score between 2 and 4.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2007-5594 352 CSRF 2007-10-19 2021-04-19
4.3
None Remote Medium Not required None Partial None
Drupal 5.x before 5.3 does not apply its Drupal Forms API protection against the user deletion form, which allows remote attackers to delete users via a cross-site request forgery (CSRF) attack.
2 CVE-2007-6283 200 DoS +Info 2007-12-18 2022-02-25
4.9
None Local Low Not required None None Complete
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named.
3 CVE-2008-0595 863 Bypass 2008-02-29 2022-02-07
4.6
None Local Low Not required Partial Partial Partial
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface.
4 CVE-2008-2944 415 DoS 2008-06-30 2022-02-07
4.9
None Local Low Not required None None Complete
Double free vulnerability in the utrace support in the Linux kernel, probably 2.6.18, in Red Hat Enterprise Linux (RHEL) 5 and Fedora Core 6 (FC6) allows local users to cause a denial of service (oops), as demonstrated by a crash when running the GNU GDB testsuite, a different vulnerability than CVE-2008-2365.
5 CVE-2008-3218 79 XSS 2008-07-18 2021-04-19
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.3 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) free tagging taxonomy terms, which are not properly handled on node preview pages, and (2) unspecified OpenID values.
6 CVE-2008-3219 79 XSS 2008-07-18 2021-04-15
4.3
None Remote Medium Not required None Partial None
The Drupal filter_xss_admin function in 5.x before 5.8 and 6.x before 6.3 does not "prevent use of the object HTML tag in administrator input," which has unknown impact and attack vectors, probably related to an insufficient cross-site scripting (XSS) protection mechanism.
7 CVE-2008-3220 352 CSRF 2008-07-18 2021-04-15
4.3
None Remote Medium Not required None Partial None
Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of "translated strings."
8 CVE-2008-3221 352 CSRF 2008-07-18 2021-04-15
4.3
None Remote Medium Not required None Partial None
Cross-site request forgery (CSRF) vulnerability in Drupal 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of OpenID identities.
9 CVE-2009-1186 120 DoS Overflow 2009-04-17 2022-06-03
2.1
None Local Low Not required None None Partial
Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.
10 CVE-2009-1242 20 DoS 2009-04-06 2020-08-27
4.9
None Local Low Not required None None Complete
The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode enable") bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform.
11 CVE-2009-1903 DoS XSS 2009-06-03 2021-02-14
4.3
None Remote Medium Not required None None Partial
The PDF XSS protection feature in ModSecurity before 2.5.8 allows remote attackers to cause a denial of service (Apache httpd crash) via a request for a PDF file that does not use the GET method.
12 CVE-2009-2472 79 XSS Bypass 2009-07-22 2021-07-29
4.3
None Remote Medium Not required None Partial None
Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, related to a "cross origin wrapper bypass."
13 CVE-2009-2910 200 +Info 2009-10-20 2020-08-07
2.1
None Local Low Not required Partial None None
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.
14 CVE-2009-3612 200 +Info 2009-10-19 2020-08-14
2.1
None Local Low Not required Partial None None
The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881.
15 CVE-2009-3621 400 DoS 2009-10-22 2020-08-12
4.9
None Local Low Not required None None Complete
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.
16 CVE-2009-3767 295 2009-10-23 2020-10-14
4.3
None Remote Medium Not required None Partial None
libraries/libldap/tls_o.c in OpenLDAP 2.2 and 2.4, and possibly other versions, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
17 CVE-2009-4135 59 +Priv 2009-12-11 2017-08-17
4.4
None Local Medium Not required Partial Partial Partial
The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp.
18 CVE-2010-0014 287 Bypass 2010-01-14 2010-01-15
3.7
None Local High Not required Partial Partial Partial
System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary password, to the screen-locking program on a workstation that has any user's Kerberos ticket-granting ticket (TGT); and might allow remote attackers to bypass intended access restrictions via vectors involving an arbitrary password in conjunction with a valid TGT.
19 CVE-2010-0205 400 DoS 2010-03-03 2020-08-07
4.3
None Remote Medium Not required None None Partial
The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a "decompression bomb" attack.
20 CVE-2010-2008 77 DoS 2010-07-13 2020-11-09
3.5
None Remote Medium ??? None None Partial
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory.
21 CVE-2010-2249 401 DoS 2010-06-30 2020-08-14
4.3
None Remote Medium Not required None None Partial
Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.
22 CVE-2010-3439 20 2019-11-12 2019-11-14
4.0
None Remote Low ??? None None Partial
It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command.
23 CVE-2010-3442 190 DoS Overflow Mem. Corr. 2010-10-04 2020-08-10
4.7
None Local Medium Not required None None Complete
Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) SNDRV_CTL_IOCTL_ELEM_ADD or (2) SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl call.
24 CVE-2010-3698 400 DoS 2010-11-26 2020-08-14
4.9
None Local Low Not required None None Complete
The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).
25 CVE-2010-3874 787 DoS Overflow Mem. Corr. 2010-12-29 2020-08-14
4.0
None Local High Not required None None Complete
Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.36.2 on 64-bit platforms might allow local users to cause a denial of service (memory corruption) via a connect operation.
26 CVE-2010-4158 200 +Info 2010-12-30 2020-08-14
2.1
None Local Low Not required Partial None None
The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter.
27 CVE-2010-4162 190 DoS Overflow 2011-01-03 2020-08-14
4.7
None Local Medium Not required None None Complete
Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device.
28 CVE-2010-4169 416 DoS 2010-11-22 2020-08-13
4.9
None Local Low Not required None None Complete
Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local users to cause a denial of service via vectors involving an mprotect system call.
29 CVE-2010-4177 319 2019-11-12 2019-11-15
2.1
None Local Low Not required Partial None None
mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the password of a user connected to the MySQL server in clear text form via the list of running processes.
30 CVE-2010-4178 522 2019-11-06 2019-11-08
2.1
None Local Low Not required Partial None None
MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of mysql text console
31 CVE-2010-4249 400 1 DoS 2010-11-29 2020-08-14
4.9
None Local Low Not required None None Complete
The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101125 does not properly select times for garbage collection of inflight sockets, which allows local users to cause a denial of service (system hang) via crafted use of the socketpair and sendmsg system calls for SOCK_SEQPACKET sockets.
32 CVE-2010-4341 399 DoS 2011-01-25 2017-08-17
2.1
None Local Low Not required None None Partial
The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service (infinite loop, crash, and login prevention) via a crafted packet.
33 CVE-2010-4661 434 2019-11-13 2019-11-18
4.6
None Local Low Not required Partial Partial Partial
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
34 CVE-2010-5109 189 DoS Overflow 2014-05-05 2014-05-05
4.3
None Remote Medium Not required None None Partial
Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow.
35 CVE-2011-0022 399 DoS 2011-02-23 2011-03-31
4.7
None Local Medium Not required None None Complete
The setup scripts in 389 Directory Server 1.2.x (aka Red Hat Directory Server 8.2.x), when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service (daemon outage or arbitrary process termination) by replacing PID files contained in this directory.
36 CVE-2011-0704 20 DoS 2018-05-04 2018-06-07
4.3
None Remote Medium Not required None None Partial
389 Directory Server 1.2.7.5, when built with mozldap, allows remote attackers to cause a denial of service (replica crash) by sending an empty modify request.
37 CVE-2011-0762 400 1 DoS 2011-03-02 2021-03-04
4.0
None Remote Low ??? None None Partial
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
38 CVE-2011-1758 287 Bypass 2011-05-26 2011-05-27
3.7
None Local High Not required Partial Partial Partial
The krb5_save_ccname_done function in providers/krb5/krb5_auth.c in System Security Services Daemon (SSSD) 1.5.x before 1.5.7, when automatic ticket renewal and offline authentication are configured, uses a pathname string as a password, which allows local users to bypass Kerberos authentication by listing the /tmp directory to obtain the pathname.
39 CVE-2011-1783 DoS 2011-06-06 2020-10-05
4.3
None Remote Medium Not required None None Partial
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data.
40 CVE-2011-1943 532 +Info 2011-06-14 2021-11-02
2.1
None Local Low Not required Partial None None
The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0.8.999-3.git20110526 in Fedora 15 creates a log entry containing a certificate password, which allows local users to obtain sensitive information by reading a log file.
41 CVE-2011-2192 255 2011-07-07 2020-05-27
4.3
None Remote Medium Not required Partial None None
The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.
42 CVE-2011-2501 125 DoS 2011-07-17 2020-08-06
4.3
None Remote Medium Not required None None Partial
The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources.
43 CVE-2011-2691 476 DoS 2011-07-17 2020-08-06
4.3
None Remote Medium Not required None None Partial
The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image.
44 CVE-2011-2924 59 2019-11-19 2019-11-25
3.3
None Local Medium Not required None Partial Partial
foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.
45 CVE-2011-4930 134 DoS Exec Code 2014-02-10 2014-02-10
4.4
None Local Medium Not required Partial Partial Partial
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.
46 CVE-2011-5268 310 DoS 2013-12-24 2014-01-04
4.3
None Remote Medium Not required None None Partial
connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLIT from CVE-2013-4550 because it is a different type of issue.
47 CVE-2012-0049 400 DoS 2019-11-07 2019-11-09
4.0
None Remote Low ??? None None Partial
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
48 CVE-2012-0833 264 DoS 2012-07-03 2012-07-17
2.3
None Local Network Medium ??? None None Partial
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.
49 CVE-2012-1105 200 +Info 2019-12-05 2019-12-17
2.1
None Local Low Not required Partial None None
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.
50 CVE-2012-1114 79 XSS 2019-12-05 2019-12-12
4.3
None Remote Medium Not required None Partial None
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.
Total number of vulnerabilities : 1261   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.