Filtered by vendor Fedoraproject
Subscribe
Total
4434 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-8793 | 3 Canonical, Fedoraproject, Opensmtpd | 3 Ubuntu Linux, Fedora, Opensmtpd | 2022-01-01 | 4.7 MEDIUM | 4.7 MEDIUM |
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c. | |||||
CVE-2020-9369 | 3 Debian, Fedoraproject, Sympa | 3 Debian Linux, Fedora, Sympa | 2022-01-01 | 5.0 MEDIUM | 7.5 HIGH |
Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service (disk consumption from temporary files, and a flood of notifications to listmasters) via a series of requests with malformed parameters. | |||||
CVE-2020-6420 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2022-01-01 | 6.8 MEDIUM | 8.8 HIGH |
Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | |||||
CVE-2020-25828 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2022-01-01 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. The non-jqueryMsg version of mw.message().parse() doesn't escape HTML. This affects both message contents (which are generally safe) and the parameters (which can be based on user input). (When jqueryMsg is loaded, it correctly accepts only whitelisted tags in message contents, and escapes all parameters. Situations with an unloaded jqueryMsg are rare in practice, but can for example occur for Special:SpecialPages on a wiki with no extensions installed.) | |||||
CVE-2020-14382 | 4 Canonical, Cryptsetup Project, Fedoraproject and 1 more | 4 Ubuntu Linux, Cryptsetup, Fedora and 1 more | 2022-01-01 | 6.8 MEDIUM | 7.8 HIGH |
A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metadata.c' in function hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) where the code does not check for possible overflow on memory allocation used for intervals array (see statement "intervals = malloc(first_backup * sizeof(*intervals));"). Due to the bug, library can be *tricked* to expect such allocation was successful but for far less memory then originally expected. Later it may read data FROM image crafted by an attacker and actually write such data BEYOND allocated memory. | |||||
CVE-2020-25827 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2022-01-01 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. For Wikis using OATHAuth on a farm/cluster (such as via CentralAuth), rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can be made across many wikis/sites concurrently. | |||||
CVE-2020-25814 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2022-01-01 | 4.3 MEDIUM | 6.1 MEDIUM |
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object with mw.message().parse(). The expected result is that the jQuery object does not contain an <a> tag (or it does not have a href attribute, or it's empty, etc.). The actual result is that the object contains an <a href ="javascript... that executes when clicked. | |||||
CVE-2020-25813 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2022-01-01 | 5.0 MEDIUM | 5.3 MEDIUM |
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users. | |||||
CVE-2020-25812 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2022-01-01 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a mild XSS if one of those messages is changed to include raw HTML. | |||||
CVE-2020-25815 | 2 Fedoraproject, Mediawiki | 2 Fedora, Mediawiki | 2022-01-01 | 4.3 MEDIUM | 6.1 MEDIUM |
An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The relevant code should use escaped() instead of text(). | |||||
CVE-2020-20739 | 3 Debian, Fedoraproject, Libvips Project | 3 Debian Linux, Fedora, Libvips | 2022-01-01 | 5.0 MEDIUM | 5.3 MEDIUM |
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address. | |||||
CVE-2020-13671 | 2 Drupal, Fedoraproject | 2 Drupal, Fedora | 2022-01-01 | 6.5 MEDIUM | 8.8 HIGH |
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74. | |||||
CVE-2020-26521 | 2 Fedoraproject, Linuxfoundation | 2 Fedora, Nats-server | 2022-01-01 | 5.0 MEDIUM | 7.5 HIGH |
The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code). | |||||
CVE-2020-26892 | 2 Fedoraproject, Linuxfoundation | 2 Fedora, Nats-server | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled. | |||||
CVE-2020-28368 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2022-01-01 | 2.1 LOW | 4.4 MEDIUM |
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen. | |||||
CVE-2020-8223 | 2 Fedoraproject, Nextcloud | 2 Fedora, Nextcloud Server | 2022-01-01 | 3.5 LOW | 6.5 MEDIUM |
A logic error in Nextcloud Server 19.0.0 caused a privilege escalation allowing malicious users to reshare with higher permissions than they got assigned themselves. | |||||
CVE-2020-25613 | 2 Fedoraproject, Ruby-lang | 3 Fedora, Ruby, Webrick | 2022-01-01 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. | |||||
CVE-2019-19004 | 2 Autotrace Project, Fedoraproject | 2 Autotrace, Fedora | 2022-01-01 | 4.3 MEDIUM | 3.3 LOW |
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. | |||||
CVE-2020-8296 | 2 Fedoraproject, Nextcloud | 2 Fedora, Nextcloud Server | 2022-01-01 | 4.6 MEDIUM | 6.7 MEDIUM |
Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured. | |||||
CVE-2020-36193 | 4 Debian, Drupal, Fedoraproject and 1 more | 4 Debian Linux, Drupal, Fedora and 1 more | 2022-01-01 | 5.0 MEDIUM | 7.5 HIGH |
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948. |