Search Results
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-7810 | libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files. Published: November 22, 2019; 10:15:11 AM -0500 | V3.1: 4.7 MEDIUM V2.0: 3.3 LOW |
CVE-2012-4524 | xlockmore before 5.43 'dclock' security bypass vulnerability. Published: November 21, 2019; 10:15:11 AM -0500 | V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2013-1817 | MediaWiki before 1.19.4 and 1.20.x before 1.20.3 contains an error in the api.php script which allows remote attackers to obtain sensitive information. Published: November 20, 2019; 3:15:11 PM -0500 | V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2013-1816 | MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request. Published: November 20, 2019; 3:15:10 PM -0500 | V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2013-7089 | ClamAV before 0.97.7: dbg_printhex possible information leak. Published: November 15, 2019; 10:15:11 AM -0500 | V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2013-7088 | ClamAV before 0.97.7 has buffer overflow in the libclamav component. Published: November 15, 2019; 10:15:11 AM -0500 | V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2013-7087 | ClamAV before 0.97.7 has WWPack corrupt heap memory. Published: November 15, 2019; 10:15:11 AM -0500 | V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2013-4409 | An eval() vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests. Published: November 04, 2019; 4:15:11 PM -0500 | V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |
CVE-2013-4251 | The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories. Published: November 04, 2019; 3:15:09 PM -0500 | V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2013-4168 | Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields. Published: November 01, 2019; 4:15:10 PM -0400 | V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-4751 | php-symfony2-Validator has loss of information during serialization. Published: November 01, 2019; 9:15:11 AM -0400 | V3.1: 8.1 HIGH V2.0: 4.9 MEDIUM |
CVE-2013-1931 | A cross-site scripting (XSS) vulnerability in MantisBT 1.2.14 allows remote attackers to inject arbitrary web script or HTML via a version, related to deleting a version. Published: October 31, 2019; 4:15:10 PM -0400 | V3.1: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2013-1930 | MantisBT 1.2.12 before 1.2.15 allows authenticated users to bypass the workflow restriction and close issues. Published: October 31, 2019; 4:15:10 PM -0400 | V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2013-0159 | The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg. Published: May 01, 2018; 3:29:00 PM -0400 | V3.0: 7.1 HIGH V2.0: 3.6 LOW |
CVE-2013-2191 | python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate. Published: February 07, 2014; 7:55:06 PM -0500 | V3.x: (not available) V2.0: 4.3 MEDIUM |
CVE-2013-2139 | Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service (crash) via vectors related to a length inconsistency in the crypto_policy_set_from_profile_for_rtp and srtp_protect functions. Published: January 16, 2014; 12:05:23 AM -0500 | V3.x: (not available) V2.0: 2.6 LOW |
CVE-2011-5268 | connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLIT from CVE-2013-4550 because it is a different type of issue. Published: December 24, 2013; 2:55:06 PM -0500 | V3.x: (not available) V2.0: 4.3 MEDIUM |
CVE-2013-4550 | Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote attackers to write to other sockets and have an unspecified impact via a failed SSL handshake, a different vulnerability than CVE-2011-5268. NOTE: some sources originally mapped this CVE to two different types of issues; this CVE has since been SPLIT, producing CVE-2011-5268. Published: December 24, 2013; 1:55:03 PM -0500 | V3.x: (not available) V2.0: 5.1 MEDIUM |
CVE-2013-0348 | thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file. Published: December 13, 2013; 1:07:54 PM -0500 | V3.x: (not available) V2.0: 2.1 LOW |
CVE-2013-1812 | The ruby-openid gem before 2.2.2 for Ruby allows remote OpenID providers to cause a denial of service (CPU consumption) via (1) a large XRDS document or (2) an XML Entity Expansion (XEE) attack. Published: December 12, 2013; 1:55:10 PM -0500 | V3.x: (not available) V2.0: 4.3 MEDIUM |