Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.7

CVE-2014-2678

  • EPSS 0.09%
  • Veröffentlicht 01.04.2014 06:35:53
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS s...

4.3

CVE-2014-2326

Exploit
  • EPSS 1.27%
  • Veröffentlicht 27.03.2014 16:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.8

CVE-2013-6474

  • EPSS 9.07%
  • Veröffentlicht 14.03.2014 15:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.

6.8

CVE-2013-6475

  • EPSS 7.25%
  • Veröffentlicht 14.03.2014 15:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer...

4.4

CVE-2013-6476

  • EPSS 0.11%
  • Veröffentlicht 14.03.2014 15:55:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.

4.4

CVE-2011-4930

  • EPSS 0.1%
  • Veröffentlicht 10.02.2014 18:15:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to la...

4.3

CVE-2013-2191

  • EPSS 0.25%
  • Veröffentlicht 08.02.2014 00:55:06
  • Zuletzt bearbeitet 11.04.2025 00:51:21

python-bugzilla before 0.9.0 does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof Bugzilla servers via a crafted certificate.

7.5

CVE-2014-1487

Exploit
  • EPSS 0.5%
  • Veröffentlicht 06.02.2014 05:44:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information v...

9.3

CVE-2014-1490

  • EPSS 1.05%
  • Veröffentlicht 06.02.2014 05:44:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to ca...

4.3

CVE-2014-1491

Exploit
  • EPSS 0.61%
  • Veröffentlicht 06.02.2014 05:44:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellma...