Total
4367 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-16872 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2023-02-12 | 3.5 LOW | 5.3 MEDIUM |
| A flaw was found in qemu Media Transfer Protocol (MTP). The code opening files in usb_mtp_get_object and usb_mtp_get_partial_object and directories in usb_mtp_object_readdir doesn't consider that the underlying filesystem may have changed since the time lstat(2) was called in usb_mtp_object_alloc, a classical TOCTTOU problem. An attacker with write access to the host filesystem shared with a guest can use this property to navigate the host filesystem in the context of the QEMU process and read any file the QEMU process has access to. Access to the filesystem may be local or via a network share protocol such as CIFS. | |||||
| CVE-2018-1111 | 2 Fedoraproject, Redhat | 7 Fedora, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2023-02-12 | 7.9 HIGH | 7.5 HIGH |
| DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol. | |||||
| CVE-2019-10132 | 2 Fedoraproject, Redhat | 2 Fedora, Libvirt | 2023-02-12 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons. | |||||
| CVE-2017-5885 | 2 Fedoraproject, Gnome | 2 Fedora, Gtk-vnc | 2023-02-12 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColorMapEntries, which triggers a buffer overflow. | |||||
| CVE-2017-5884 | 2 Fedoraproject, Gnome | 2 Fedora, Gtk-vnc | 2023-02-12 | 6.8 MEDIUM | 7.8 HIGH |
| gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y coordinates in a crafted (1) rre, (2) hextile, or (3) copyrect tile. | |||||
| CVE-2016-5404 | 3 Fedoraproject, Freeipa, Oracle | 3 Fedora, Freeipa, Linux | 2023-02-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission. | |||||
| CVE-2016-5391 | 2 Fedoraproject, Libreswan | 2 Fedora, Libreswan | 2023-02-12 | 5.0 MEDIUM | 7.5 HIGH |
| libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart). | |||||
| CVE-2016-5384 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2023-02-12 | 4.6 MEDIUM | 7.8 HIGH |
| fontconfig before 2.12.1 does not validate offsets, which allows local users to trigger arbitrary free calls and consequently conduct double free attacks and execute arbitrary code via a crafted cache file. | |||||
| CVE-2016-5385 | 8 Debian, Drupal, Fedoraproject and 5 more | 14 Debian Linux, Drupal, Fedora and 11 more | 2023-02-12 | 5.1 MEDIUM | 8.1 HIGH |
| PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue. | |||||
| CVE-2016-4980 | 3 Ethz, Fedoraproject, Redhat | 3 Xquest, Fedora, Enterprise Linux | 2023-02-12 | 1.9 LOW | 2.5 LOW |
| A password generation weakness exists in xquest through 2016-06-13. | |||||
| CVE-2016-4037 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2023-02-12 | 4.9 MEDIUM | 6.0 MEDIUM |
| The ehci_advance_state function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list, a related issue to CVE-2015-8558. | |||||
| CVE-2016-3704 | 2 Fedoraproject, Pulpproject | 2 Fedora, Pulp | 2023-02-12 | 5.0 MEDIUM | 7.5 HIGH |
| Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords. | |||||
| CVE-2015-1827 | 2 Fedoraproject, Freeipa | 2 Fedora, Freeipa | 2023-02-12 | 5.0 MEDIUM | N/A |
| The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (crash) via a group list request for a user that belongs to a large number of groups. | |||||
| CVE-2016-0721 | 3 Clusterlabs, Fedoraproject, Redhat | 3 Pcs, Fedora, Enterprise Linux | 2023-02-12 | 4.3 MEDIUM | 8.1 HIGH |
| Session fixation vulnerability in pcsd in pcs before 0.9.157. | |||||
| CVE-2015-0278 | 3 Fedoraproject, Libuv Project, Nodejs | 3 Fedora, Libuv, Node.js | 2023-02-12 | 10.0 HIGH | N/A |
| libuv before 0.10.34 does not properly drop group privileges, which allows context-dependent attackers to gain privileges via unspecified vectors. | |||||
| CVE-2016-0720 | 3 Clusterlabs, Fedoraproject, Redhat | 3 Pcs, Fedora, Enterprise Linux | 2023-02-12 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. | |||||
| CVE-2022-0730 | 3 Cacti, Debian, Fedoraproject | 3 Cacti, Debian Linux, Fedora | 2023-02-12 | 6.8 MEDIUM | 9.8 CRITICAL |
| Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types. | |||||
| CVE-2021-20257 | 4 Debian, Fedoraproject, Qemu and 1 more | 8 Debian Linux, Fedora, Qemu and 5 more | 2023-02-12 | 2.1 LOW | 6.5 MEDIUM |
| An infinite loop flaw was found in the e1000 NIC emulator of the QEMU. This issue occurs while processing transmits (tx) descriptors in process_tx_desc if various descriptor fields are initialized with invalid values. This flaw allows a guest to consume CPU cycles on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2022-2850 | 2 Fedoraproject, Redhat | 4 Fedora, 389 Directory Server, Directory Server and 1 more | 2023-02-12 | N/A | 6.5 MEDIUM |
| A flaw was found In 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows an authenticated attacker to cause a denial of service. This CVE is assigned against an incomplete fix of CVE-2021-3514. | |||||
| CVE-2022-4129 | 2 Fedoraproject, Linux | 2 Fedora, Layer 2 Tunneling Protocol | 2023-02-12 | N/A | 5.5 MEDIUM |
| A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service. | |||||