Filtered by vendor Fedoraproject Subscriptions
Total 5439 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-2625 8 Apache, Canonical, Debian and 5 more 18 Xerces2 Java, Ubuntu Linux, Debian Linux and 15 more 2026-04-23 N/A
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.
CVE-2009-1242 5 Canonical, Debian, Fedoraproject and 2 more 5 Ubuntu Linux, Debian Linux, Fedora and 2 more 2026-04-23 N/A
The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode enable") bit in the Extended Feature Enable Register (EFER) model-specific register, which is specific to the x86_64 platform.
CVE-2008-3222 2 Drupal, Fedoraproject 2 Drupal, Fedora 2026-04-23 N/A
Session fixation vulnerability in Drupal 5.x before 5.9 and 6.x before 6.3, when contributed modules "terminate the current request during a login event," allows remote attackers to hijack web sessions via unknown vectors.
CVE-2008-3220 2 Drupal, Fedoraproject 2 Drupal, Fedora 2026-04-23 N/A
Cross-site request forgery (CSRF) vulnerability in Drupal 5.x before 5.8 and 6.x before 6.3 allows remote attackers to perform administrative actions via vectors involving deletion of "translated strings."
CVE-2008-2364 4 Apache, Canonical, Fedoraproject and 1 more 9 Http Server, Ubuntu Linux, Fedora and 6 more 2026-04-23 N/A
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses.
CVE-2008-2374 3 Bluez, Fedoraproject, Redhat 4 Bluez-libs, Bluez-utils, Fedora and 1 more 2026-04-23 9.8 Critical
src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspecified other impact via a crafted length field that triggers excessive memory allocation or a buffer over-read.
CVE-2009-0846 5 Apple, Canonical, Fedoraproject and 2 more 9 Mac Os X, Ubuntu Linux, Fedora and 6 more 2026-04-23 N/A
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer.
CVE-2007-4000 3 Fedoraproject, Mit, Redhat 3 Fedora, Kerberos 5, Enterprise Linux 2026-04-23 N/A
The kadm5_modify_policy_internal function in lib/kadm5/srv/svr_policy.c in the Kerberos administration daemon (kadmind) in MIT Kerberos 5 (krb5) 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy" privilege to execute arbitrary code via unspecified vectors that trigger a write to an uninitialized pointer.
CVE-2008-1567 4 Debian, Fedoraproject, Opensuse and 1 more 4 Debian Linux, Fedora, Opensuse and 1 more 2026-04-23 5.5 Medium
phpMyAdmin before 2.11.5.1 stores the MySQL (1) username and (2) password, and the (3) Blowfish secret key, in cleartext in a Session file under /tmp, which allows local users to obtain sensitive information.
CVE-2008-0595 4 Fedoraproject, Freedesktop, Mandrakesoft and 1 more 4 Fedora, Dbus, Mandrake Linux and 1 more 2026-04-23 N/A
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface.
CVE-2008-0599 4 Apple, Canonical, Fedoraproject and 1 more 5 Mac Os X, Mac Os X Server, Ubuntu Linux and 2 more 2026-04-23 9.8 Critical
The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider operator precedence when calculating the length of PATH_TRANSLATED, which might allow remote attackers to execute arbitrary code via a crafted URI.
CVE-2008-0005 4 Apache, Canonical, Fedoraproject and 1 more 6 Http Server, Ubuntu Linux, Fedora and 3 more 2026-04-23 N/A
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
CVE-2008-0063 8 Apple, Canonical, Debian and 5 more 13 Mac Os X, Mac Os X Server, Ubuntu Linux and 10 more 2026-04-23 7.5 High
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."
CVE-2007-6013 2 Fedoraproject, Wordpress 2 Fedora, Wordpress 2026-04-23 9.8 Critical
Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which allows attackers to bypass authentication by obtaining the MD5 hash from the user database, then generating the authentication cookie from that hash.
CVE-2007-6427 8 Apple, Canonical, Debian and 5 more 12 Mac Os X, Ubuntu Linux, Debian Linux and 9 more 2026-04-23 N/A
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
CVE-2009-2910 6 Canonical, Fedoraproject, Linux and 3 more 15 Ubuntu Linux, Fedora, Linux Kernel and 12 more 2026-04-23 N/A
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 process to 64-bit mode.
CVE-2012-1823 8 Apple, Debian, Fedoraproject and 5 more 20 Mac Os X, Debian Linux, Fedora and 17 more 2026-04-21 9.8 Critical
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case.
CVE-2014-0160 13 Broadcom, Canonical, Debian and 10 more 37 Symantec Messaging Gateway, Ubuntu Linux, Debian Linux and 34 more 2026-04-21 7.5 High
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
CVE-2016-5195 7 Canonical, Debian, Fedoraproject and 4 more 24 Ubuntu Linux, Debian Linux, Fedora and 21 more 2026-04-21 7.0 High
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
CVE-2021-22925 8 Apple, Fedoraproject, Haxx and 5 more 28 Mac Os X, Macos, Fedora and 25 more 2026-04-16 5.3 Medium
curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application.