Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Fedoraproject Subscribe
Total 4434 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-26572 3 Debian, Fedoraproject, Opensc Project 3 Debian Linux, Fedora, Opensc 2021-11-30 2.1 LOW 5.5 MEDIUM
The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher.
CVE-2020-28463 2 Fedoraproject, Reportlab 2 Fedora, Reportlab 2021-11-30 4.0 MEDIUM 6.5 MEDIUM
All versions of package reportlab are vulnerable to Server-side Request Forgery (SSRF) via img tags. In order to reduce risk, use trustedSchemes & trustedHosts (see in Reportlab's documentation) Steps to reproduce by Karan Bamal: 1. Download and install the latest package of reportlab 2. Go to demos -> odyssey -> dodyssey 3. In the text file odyssey.txt that needs to be converted to pdf inject <img src="http://127.0.0.1:5000" valign="top"/> 4. Create a nc listener nc -lp 5000 5. Run python3 dodyssey.py 6. You will get a hit on your nc showing we have successfully proceded to send a server side request 7. dodyssey.py will show error since there is no img file on the url, but we are able to do SSRF
CVE-2020-26571 3 Debian, Fedoraproject, Opensc Project 3 Debian Linux, Fedora, Opensc 2021-11-30 2.1 LOW 5.5 MEDIUM
The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init.
CVE-2021-0002 2 Fedoraproject, Intel 3 Fedora, Ethernet Controller E810, Ethernet Controller E810 Firmware 2021-11-30 3.6 LOW 7.1 HIGH
Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure or denial of service via local access.
CVE-2019-17596 6 Arista, Debian, Fedoraproject and 3 more 11 Cloudvision Portal, Eos, Mos and 8 more 2021-11-30 5.0 MEDIUM 7.5 HIGH
Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
CVE-2020-10188 5 Arista, Debian, Fedoraproject and 2 more 5 Eos, Debian Linux, Fedora and 2 more 2021-11-30 10.0 HIGH 9.8 CRITICAL
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions.
CVE-2019-17455 5 Canonical, Debian, Fedoraproject and 2 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2021-11-30 7.5 HIGH 9.8 CRITICAL
Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-based buffer over-read in buildSmbNtlmAuthRequest in smbutil.c for a crafted NTLM request.
CVE-2019-9705 3 Cron Project, Debian, Fedoraproject 3 Cron, Debian Linux, Fedora 2021-11-30 2.1 LOW 5.5 MEDIUM
Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted.
CVE-2019-1010305 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2021-11-30 4.3 MEDIUM 5.5 MEDIUM
libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers() in libmspack(file libmspack/mspack/chmd.c). The attack vector is: the victim must open a specially crafted chm file. The fixed version is: after commit 2f084136cfe0d05e5bf5703f3e83c6d955234b4d.
CVE-2020-26258 3 Debian, Fedoraproject, Xstream Project 3 Debian Linux, Fedora, Xstream 2021-11-30 5.0 MEDIUM 7.7 HIGH
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Request vulnerability can be activated when unmarshalling. The vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed input stream. If you rely on XStream's default blacklist of the Security Framework, you will have to use at least version 1.4.15. The reported vulnerability does not exist if running Java 15 or higher. No user is affected who followed the recommendation to setup XStream's Security Framework with a whitelist! Anyone relying on XStream's default blacklist can immediately switch to a whilelist for the allowed types to avoid the vulnerability. Users of XStream 1.4.14 or below who still want to use XStream default blacklist can use a workaround described in more detailed in the referenced advisories.
CVE-2016-9811 4 Debian, Fedoraproject, Gstreamer and 1 more 9 Debian Linux, Fedora, Gstreamer and 6 more 2021-11-29 4.3 MEDIUM 4.7 MEDIUM
The windows_icon_typefind function in gst-plugins-base in GStreamer before 1.10.2, when G_SLICE is set to always-malloc, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted ico file.
CVE-2020-26570 3 Debian, Fedoraproject, Opensc Project 3 Debian Linux, Fedora, Opensc 2021-11-29 2.1 LOW 5.5 MEDIUM
The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file.
CVE-2021-26701 2 Fedoraproject, Microsoft 5 Fedora, .net, .net Core and 2 more 2021-11-29 7.5 HIGH 9.8 CRITICAL
.NET Core Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24112.
CVE-2021-42327 3 Fedoraproject, Linux, Netapp 18 Fedora, Linux Kernel, H300e and 15 more 2021-11-28 4.6 MEDIUM 6.7 MEDIUM
dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer.
CVE-2021-43056 2 Fedoraproject, Linux 2 Fedora, Linux Kernel 2021-11-28 4.9 MEDIUM 5.5 MEDIUM
An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values.
CVE-2021-41800 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2021-11-28 5.0 MEDIUM 5.3 MEDIUM
MediaWiki before 1.36.2 allows a denial of service (resource consumption because of lengthy query processing time). Visiting Special:Contributions can sometimes result in a long running SQL query because PoolCounter protection is mishandled.
CVE-2021-39358 2 Fedoraproject, Gnome 2 Fedora, Libgfbgraph 2021-11-28 4.3 MEDIUM 5.9 MEDIUM
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
CVE-2021-39226 2 Fedoraproject, Grafana 2 Fedora, Grafana 2021-11-28 6.8 MEDIUM 7.3 HIGH
Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public_mode" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot "public_mode" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.
CVE-2021-39360 2 Fedoraproject, Gnome 2 Fedora, Libzapojit 2021-11-28 4.3 MEDIUM 5.9 MEDIUM
In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is similar to CVE-2016-20011.
CVE-2021-37220 2 Artifex, Fedoraproject 2 Mupdf, Fedora 2021-11-28 4.3 MEDIUM 5.5 MEDIUM
MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.