Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2020-14312 |
A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option `local-service` is not enabled. Running dnsmasq in this manner may inadvertently make it an open resolver accessible from any address on the internet. This flaw allows an attacker to conduct a Distributed Denial of Service (DDoS) against other systems. Published: February 05, 2021; 7:15:12 PM -0500 |
V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2012-1105 |
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner. Published: December 05, 2019; 2:15:15 PM -0500 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2011-2924 |
foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter. Published: November 19, 2019; 5:15:10 PM -0500 |
V3.1: 5.5 MEDIUM V2.0: 3.3 LOW |
CVE-2011-2726 |
An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL. Published: November 15, 2019; 12:15:12 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2012-1170 |
Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough Published: November 14, 2019; 12:15:13 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2012-1169 |
Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs. Published: November 14, 2019; 12:15:12 PM -0500 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2012-1161 |
Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results Published: November 14, 2019; 12:15:12 PM -0500 |
V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2012-1160 |
Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php Published: November 14, 2019; 12:15:12 PM -0500 |
V3.1: 2.7 LOW V2.0: 4.0 MEDIUM |
CVE-2012-1159 |
Moodle before 2.2.2: Overview report allows users to see hidden courses Published: November 14, 2019; 12:15:12 PM -0500 |
V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2012-1158 |
Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export Published: November 14, 2019; 12:15:12 PM -0500 |
V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2012-1157 |
Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default Published: November 14, 2019; 12:15:12 PM -0500 |
V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2012-1168 |
Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. Published: November 14, 2019; 11:15:14 AM -0500 |
V3.1: 8.2 HIGH V2.0: 6.4 MEDIUM |
CVE-2012-1156 |
Moodle before 2.2.2 has users' private files included in course backups Published: November 14, 2019; 11:15:14 AM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2012-1155 |
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to Published: November 14, 2019; 11:15:14 AM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2010-4661 |
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. Published: November 13, 2019; 4:15:11 PM -0500 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2012-0049 |
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server. Published: November 07, 2019; 1:15:11 PM -0500 |
V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2019-3882 |
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable. Published: April 24, 2019; 12:29:02 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-11234 |
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497. Published: April 22, 2019; 7:29:03 AM -0400 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2014-0477 |
The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via an empty quoted string in an RFC 2822 address. Published: July 03, 2014; 1:55:05 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-3470 |
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value. Published: June 05, 2014; 5:55:07 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |