Filtered by vendor Fedoraproject
Subscribe
Total
4434 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5763 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Failure to check error conditions in V8 in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5761 | 3 Fedoraproject, Google, Redhat | 5 Fedora, Chrome, Enterprise Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect object lifecycle management in SwiftShader in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5760 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient checks of pointer validity in WebRTC in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-5758 | 4 Debian, Fedoraproject, Google and 1 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect object lifecycle management in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2019-3851 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability was found in moodle before versions 3.6.3 and 3.5.5. There was a link to site home within the the Boost theme's secure layout, meaning students could navigate out of the page. | |||||
| CVE-2019-19204 | 3 Debian, Fedoraproject, Oniguruma Project | 3 Debian Linux, Fedora, Oniguruma | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read. | |||||
| CVE-2013-5610 | 6 Canonical, Fedoraproject, Mozilla and 3 more | 9 Ubuntu Linux, Fedora, Firefox and 6 more | 2020-08-21 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2013-5612 | 7 Canonical, Fedoraproject, Mozilla and 4 more | 16 Ubuntu Linux, Fedora, Firefox and 13 more | 2020-08-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header. | |||||
| CVE-2013-5619 | 6 Canonical, Fedoraproject, Mozilla and 3 more | 9 Ubuntu Linux, Fedora, Firefox and 6 more | 2020-08-21 | 7.5 HIGH | N/A |
| Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. | |||||
| CVE-2013-5614 | 7 Canonical, Fedoraproject, Mozilla and 4 more | 16 Ubuntu Linux, Fedora, Firefox and 13 more | 2020-08-21 | 4.3 MEDIUM | N/A |
| Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site. | |||||
| CVE-2013-6672 | 7 Canonical, Fedoraproject, Linux and 4 more | 10 Ubuntu Linux, Fedora, Linux Kernel and 7 more | 2020-08-21 | 4.3 MEDIUM | N/A |
| Mozilla Firefox before 26.0 and SeaMonkey before 2.23 on Linux allow user-assisted remote attackers to read clipboard data by leveraging certain middle-click paste operations. | |||||
| CVE-2020-11078 | 3 Debian, Fedoraproject, Httplib2 Project | 3 Debian Linux, Fedora, Httplib2 | 2020-08-19 | 4.3 MEDIUM | 6.8 MEDIUM |
| In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for `httplib2.Http.request()` could change request headers and body, send additional hidden requests to same server. This vulnerability impacts software that uses httplib2 with uri constructed by string concatenation, as opposed to proper urllib building with escaping. This has been fixed in 0.18.0. | |||||
| CVE-2015-7810 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2020-08-18 | 3.3 LOW | 4.7 MEDIUM |
| libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files | |||||
| CVE-2014-0021 | 3 Chrony Project, Debian, Fedoraproject | 3 Chrony, Debian Linux, Fedora | 2020-08-18 | 5.0 MEDIUM | 7.5 HIGH |
| Chrony before 1.29.1 has traffic amplification in cmdmon protocol | |||||
| CVE-2013-7089 | 3 Clamav, Debian, Fedoraproject | 3 Clamav, Debian Linux, Fedora | 2020-08-18 | 5.0 MEDIUM | 7.5 HIGH |
| ClamAV before 0.97.7: dbg_printhex possible information leak | |||||
| CVE-2013-7088 | 3 Clamav, Debian, Fedoraproject | 3 Clamav, Debian Linux, Fedora | 2020-08-18 | 7.5 HIGH | 9.8 CRITICAL |
| ClamAV before 0.97.7 has buffer overflow in the libclamav component | |||||
| CVE-2013-7087 | 3 Clamav, Debian, Fedoraproject | 3 Clamav, Debian Linux, Fedora | 2020-08-18 | 7.5 HIGH | 9.8 CRITICAL |
| ClamAV before 0.97.7 has WWPack corrupt heap memory | |||||
| CVE-2011-2924 | 3 Debian, Fedoraproject, Linuxfoundation | 3 Debian Linux, Fedora, Foomatic-filters | 2020-08-18 | 3.3 LOW | 5.5 MEDIUM |
| foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. | |||||
| CVE-2020-5312 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2020-08-18 | 7.5 HIGH | 9.8 CRITICAL |
| libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. | |||||
| CVE-2020-5311 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2020-08-18 | 7.5 HIGH | 9.8 CRITICAL |
| libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. | |||||