Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-7810 |
libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files Published: November 22, 2019; 10:15:11 AM -0500 |
V4.0:(not available) V3.1: 4.7 MEDIUM V2.0: 3.3 LOW |
CVE-2012-4524 |
xlockmore before 5.43 'dclock' security bypass vulnerability Published: November 21, 2019; 10:15:11 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2013-1817 |
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. Published: November 20, 2019; 3:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2013-1816 |
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. Published: November 20, 2019; 3:15:10 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2013-7089 |
ClamAV before 0.97.7: dbg_printhex possible information leak Published: November 15, 2019; 10:15:11 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2013-7088 |
ClamAV before 0.97.7 has buffer overflow in the libclamav component Published: November 15, 2019; 10:15:11 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2013-7087 |
ClamAV before 0.97.7 has WWPack corrupt heap memory Published: November 15, 2019; 10:15:11 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2010-4661 |
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. Published: November 13, 2019; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2013-4409 |
An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. Published: November 04, 2019; 4:15:11 PM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2013-4251 |
The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. Published: November 04, 2019; 3:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2013-4168 |
Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields. Published: November 01, 2019; 4:15:10 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-4751 |
php-symfony2-Validator has loss of information during serialization Published: November 01, 2019; 9:15:11 AM -0400 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0: 4.9 MEDIUM |
CVE-2013-1931 |
A cross-site scripting (XSS) vulnerability in MantisBT 1.2.14 allows remote attackers to inject arbitrary web script or HTML via a version, related to deleting a version. Published: October 31, 2019; 4:15:10 PM -0400 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-1930 |
MantisBT 1.2.12 before 1.2.15 allows authenticated users to by the workflow restriction and close issues. Published: October 31, 2019; 4:15:10 PM -0400 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2019-3882 |
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable. Published: April 24, 2019; 12:29:02 PM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2019-11234 |
FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497. Published: April 22, 2019; 7:29:03 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2013-0159 |
The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg. Published: May 01, 2018; 3:29:00 PM -0400 |
V4.0:(not available) V3.0: 7.1 HIGH V2.0: 3.6 LOW |
CVE-2014-0477 |
The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via an empty quoted string in an RFC 2822 address. Published: July 03, 2014; 1:55:05 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-3470 |
The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value. Published: June 05, 2014; 5:55:07 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2014-0221 |
The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake. Published: June 05, 2014; 5:55:06 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |