Filtered by vendor Fedoraproject
Subscribe
Total
4434 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-44142 | 6 Canonical, Debian, Fedoraproject and 3 more | 23 Ubuntu Linux, Debian Linux, Fedora and 20 more | 2022-02-23 | 9.0 HIGH | 8.8 HIGH |
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root. | |||||
CVE-2021-44141 | 3 Fedoraproject, Redhat, Samba | 3 Fedora, Storage, Samba | 2022-02-23 | 3.5 LOW | 4.3 MEDIUM |
All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succeed. | |||||
CVE-2021-40839 | 2 Fedoraproject, Rencode Project | 2 Fedora, Rencode | 2022-02-22 | 5.0 MEDIUM | 7.5 HIGH |
The rencode package through 1.0.6 for Python allows an infinite loop in typecode decoding (such as via ;\x2f\x7f), enabling a remote attack that consumes CPU and memory. | |||||
CVE-2020-18442 | 3 Debian, Fedoraproject, Zziplib Project | 3 Debian Linux, Fedora, Zziplib | 2022-02-22 | 2.1 LOW | 3.3 LOW |
Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_read" in the function "unzzip_cat_file". | |||||
CVE-2021-33571 | 2 Djangoproject, Fedoraproject | 2 Django, Fedora | 2022-02-22 | 5.0 MEDIUM | 7.5 HIGH |
In Django 2.2 before 2.2.24, 3.x before 3.1.12, and 3.2 before 3.2.4, URLValidator, validate_ipv4_address, and validate_ipv46_address do not prohibit leading zero characters in octal literals. This may allow a bypass of access control that is based on IP addresses. (validate_ipv4_address and validate_ipv46_address are unaffected with Python 3.9.5+..) . | |||||
CVE-2020-28243 | 3 Debian, Fedoraproject, Saltstack | 3 Debian Linux, Fedora, Salt | 2022-02-22 | 4.4 MEDIUM | 7.8 HIGH |
An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any user able to create a files on the minion in a non-blacklisted directory. | |||||
CVE-2022-0196 | 2 Fedoraproject, Phoronix-media | 2 Fedora, Phoronix Test Suite | 2022-02-22 | 6.8 MEDIUM | 8.8 HIGH |
phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
CVE-2022-0157 | 2 Fedoraproject, Phoronix-media | 2 Fedora, Phoronix Test Suite | 2022-02-22 | 3.5 LOW | 5.4 MEDIUM |
phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | |||||
CVE-2022-0197 | 2 Fedoraproject, Phoronix-media | 2 Fedora, Phoronix Test Suite | 2022-02-22 | 6.8 MEDIUM | 8.8 HIGH |
phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
CVE-2022-0238 | 2 Fedoraproject, Phoronix-media | 2 Fedora, Phoronix Test Suite | 2022-02-22 | 4.3 MEDIUM | 4.3 MEDIUM |
phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
CVE-2020-24661 | 2 Fedoraproject, Gnome | 2 Fedora, Geary | 2022-02-22 | 2.6 LOW | 5.9 MEDIUM |
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. This allows a meddler in the middle to present a different invalid certificate to intercept incoming and outgoing mail. | |||||
CVE-2021-20718 | 3 Fedoraproject, Oracle, Zmartzone | 3 Fedora, Essbase, Mod Auth Openidc | 2022-02-20 | 5.0 MEDIUM | 7.5 HIGH |
mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors. | |||||
CVE-2015-5745 | 3 Arista, Fedoraproject, Qemu | 3 Eos, Fedora, Qemu | 2022-02-19 | 4.0 MEDIUM | 6.5 MEDIUM |
Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial of service (QEMU process crash) via a crafted virtio control message. | |||||
CVE-2020-6860 | 2 Fedoraproject, Symonics | 2 Fedora, Libmysofa | 2022-02-19 | 6.8 MEDIUM | 8.8 HIGH |
libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute. | |||||
CVE-2019-15718 | 3 Fedoraproject, Redhat, Systemd Project | 14 Fedora, Enterprise Linux, Enterprise Linux Eus and 11 more | 2022-02-19 | 3.6 LOW | 4.4 MEDIUM |
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that should be restricted to privileged users, in order to change the system's DNS resolver settings. | |||||
CVE-2019-6454 | 8 Canonical, Debian, Fedoraproject and 5 more | 22 Ubuntu Linux, Debian Linux, Fedora and 19 more | 2022-02-19 | 4.9 MEDIUM | 5.5 MEDIUM |
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic). | |||||
CVE-2021-38013 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Chrome and 1 more | 2022-02-18 | 6.8 MEDIUM | 9.6 CRITICAL |
Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
CVE-2021-38012 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-37975 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2021-37974 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-02-18 | 6.8 MEDIUM | 8.8 HIGH |
Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. |