RSS   Vulnerabilities for 'Fedora'   RSS

2017-12-29
 
CVE-2015-8008

CWE-284
 

 
The OAuth extension for MediaWiki improperly negotiates a new client token only over Special:OAuth/initiate, which allows attackers to bypass intended IP address access restrictions by making an API request with an existing token.

 
 
CVE-2014-8119

CWE-20
 

 
The find_ifcfg_path function in netcf before 0.2.7 might allow attackers to cause a denial of service (application crash) via vectors involving augeas path expressions.

 
 
CVE-2014-4978

CWE-59
 

 
The rs_filter_graph function in librawstudio/rs-filter.c in rawstudio might allow local users to truncate arbitrary files via a symlink attack on (1) /tmp/rs-filter-graph.png or (2) /tmp/rs-filter-graph.

 
 
CVE-2017-16876

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in the _keyify function in mistune.py in Mistune before 0.8.1 allows remote attackers to inject arbitrary web script or HTML by leveraging failure to escape the "key" argument.

 
2017-12-20
 
CVE-2017-16818

CWE-254
 

 
RADOS Gateway in Ceph 12.1.0 through 12.2.1 allows remote authenticated users to cause a denial of service (assertion failure and application exit) by leveraging "full" (not necessarily admin) privileges to post an invalid profile to the admin API, related to rgw/rgw_iam_policy.cc, rgw/rgw_basic_types.h, and rgw/rgw_iam_types.h.

 
2017-12-05
 
CVE-2016-1254

CWE-119
 

 
Tor before 0.2.8.12 might allow remote attackers to cause a denial of service (client crash) via a crafted hidden service descriptor.

 
2017-10-16
 
CVE-2015-7687

 

 
Use-after-free vulnerability in OpenSMTPD before 5.7.2 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via vectors involving req_ca_vrfy_smtp and req_ca_vrfy_mta.

 
2017-10-10
 
CVE-2014-9092

 

 
libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.

 
2017-10-02
 
CVE-2017-13704

CWE-20
 

 
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.

 
2017-09-26
 
CVE-2015-5070

 

 
The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth before 1.12.4 and 1.13.x before 1.13.1, when a case-insensitive filesystem is used, allow remote attackers to obtain sensitive information via vectors related to inclusion of .pbl files from WML. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-5069.

 


Copyright 2018, cxsecurity.com

 

Back to Top