Fedora Security Vulnerabilities and Issues — Fedora CVE List

Lucene search

RedhatFedora

9 matches found

CVE•added 2018/11/09 9:29 p.m.•177 views

CVE-2018-19139

An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.

5.5CVSS6.1AI score0.00493EPSS

CVE•added 2009/11/20 5:30 p.m.•100 views

CVE-2009-3080

Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.

7.2CVSS7AI score0.0007EPSS

CVE•added 2008/01/12 2:46 a.m.•56 views

CVE-2007-6284

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.

5CVSS5.9AI score0.05559EPSS

CVE•added 2008/09/29 5:17 p.m.•56 views

CVE-2008-3524

rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or directory under (1) /var/lock or (2) /var/run.

4.7CVSS6AI score0.00032EPSS

CVE•added 2011/02/24 9:0 p.m.•53 views

CVE-2011-1011

The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and earlier, mounts a new directory on top of /tmp without assigning root ownership and the sticky bit t...

6.9CVSS6.7AI score0.00044EPSS

CVE•added 2008/05/22 1:9 p.m.•50 views

CVE-2007-5962

Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by ...

7.1CVSS6.2AI score0.18831EPSS

CVE•added 2009/05/06 5:30 p.m.•49 views

CVE-2009-1573

xvfb-run 1.6.1 in Debian GNU/Linux, Ubuntu, Fedora 10, and possibly other operating systems place the magic cookie (MCOOKIE) on the command line, which allows local users to gain privileges by listing the process and its arguments.

4.6CVSS6.5AI score0.00061EPSS

CVE•added 2008/10/03 5:41 p.m.•43 views

CVE-2008-3832

A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system crash or hang) via a call to the utrace_control function.

4.9CVSS6.2AI score0.00091EPSS

CVE•added 2007/08/30 10:17 p.m.•41 views

CVE-2007-4134

Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.

6.8CVSS6.4AI score0.01674EPSS