Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Fedoraproject Subscribe
Filtered by product Fedora
Total 4367 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-14954 6 Canonical, Debian, Fedoraproject and 3 more 6 Ubuntu Linux, Debian Linux, Fedora and 3 more 2023-02-27 4.3 MEDIUM 5.9 MEDIUM
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."
CVE-2020-10177 4 Canonical, Debian, Fedoraproject and 1 more 4 Ubuntu Linux, Debian Linux, Fedora and 1 more 2023-02-27 4.3 MEDIUM 5.5 MEDIUM
Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c.
CVE-2020-10378 3 Canonical, Fedoraproject, Python 3 Ubuntu Linux, Fedora, Pillow 2023-02-27 4.3 MEDIUM 5.5 MEDIUM
In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state->shuffle is instructed to read beyond state->buffer.
CVE-2020-10994 3 Canonical, Fedoraproject, Python 3 Ubuntu Linux, Fedora, Pillow 2023-02-27 4.3 MEDIUM 5.5 MEDIUM
In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file.
CVE-2020-10379 3 Canonical, Fedoraproject, Python 3 Ubuntu Linux, Fedora, Pillow 2023-02-27 6.8 MEDIUM 7.8 HIGH
In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.
CVE-2020-4067 5 Canonical, Coturn Project, Debian and 2 more 5 Ubuntu Linux, Coturn, Debian Linux and 2 more 2023-02-27 5.0 MEDIUM 7.5 HIGH
In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligently query coturn to get interesting bytes in the padding bytes from the connection of another client. This has been fixed in 4.5.1.3.
CVE-2020-16150 3 Arm, Debian, Fedoraproject 3 Mbed Tls, Debian Linux, Fedora 2023-02-27 2.1 LOW 5.5 MEDIUM
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.
CVE-2020-11538 3 Canonical, Fedoraproject, Python 3 Ubuntu Linux, Fedora, Pillow 2023-02-27 6.8 MEDIUM 8.1 HIGH
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.
CVE-2021-29458 3 Debian, Exiv2, Fedoraproject 3 Debian Linux, Exiv2, Fedora 2023-02-27 4.3 MEDIUM 5.5 MEDIUM
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as insert. The bug is fixed in version v0.27.4.
CVE-2020-24659 4 Canonical, Fedoraproject, Gnu and 1 more 4 Ubuntu Linux, Fedora, Gnutls and 1 more 2023-02-27 5.0 MEDIUM 7.5 HIGH
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.
CVE-2019-10894 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-02-27 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API dissector could crash. This was addressed in epan/dissectors/packet-gssapi.c by ensuring that a valid dissector is called.
CVE-2019-10903 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-02-27 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SPOOLSS dissector could crash. This was addressed in epan/dissectors/packet-dcerpc-spoolss.c by adding a boundary check.
CVE-2019-10901 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-02-27 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by handling file digests properly.
CVE-2019-10896 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2023-02-27 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF dissector could crash. This was addressed in epan/dissectors/packet-dof.c by properly handling generated IID and OID bytes.
CVE-2022-24765 5 Apple, Debian, Fedoraproject and 2 more 5 Xcode, Debian Linux, Fedora and 2 more 2023-02-27 6.9 MEDIUM 7.8 HIGH
Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\.git\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\Users` if the user profile is located in `C:\Users\my-user-name`.
CVE-2023-22945 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2023-02-27 N/A 4.3 MEDIUM
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties.
CVE-2023-22909 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2023-02-27 N/A 5.3 MEDIUM
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. SpecialMobileHistory allows remote attackers to cause a denial of service because database queries are slow.
CVE-2023-22911 2 Fedoraproject, Mediawiki 2 Fedora, Mediawiki 2023-02-27 N/A 6.1 MEDIUM
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. E-Widgets does widget replacement in HTML attributes, which can lead to XSS, because widget authors often do not expect that their widget is executed in an HTML attribute context.
CVE-2021-29154 4 Debian, Fedoraproject, Linux and 1 more 20 Debian Linux, Fedora, Linux Kernel and 17 more 2023-02-24 7.2 HIGH 7.8 HIGH
BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
CVE-2020-8835 4 Canonical, Fedoraproject, Linux and 1 more 47 Ubuntu Linux, Fedora, Linux Kernel and 44 more 2023-02-24 7.2 HIGH 7.8 HIGH
In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)