Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4

CVE-2015-4815

  • EPSS 0.42%
  • Veröffentlicht 21.10.2015 21:59:30
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via vectors related to Server : DDL.

3.5

CVE-2015-4807

  • EPSS 0.37%
  • Veröffentlicht 21.10.2015 21:59:24
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote authenticated users to affect availability via unknown vectors related to Server : Query Cache.

4

CVE-2015-4802

  • EPSS 0.42%
  • Veröffentlicht 21.10.2015 21:59:19
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4792.

1.7

CVE-2015-4792

  • EPSS 0.92%
  • Veröffentlicht 21.10.2015 21:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition, a different vulnerability than CVE-2015-4802.

4.3

CVE-2015-5235

  • EPSS 0.94%
  • Veröffentlicht 09.10.2015 14:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.

6.8

CVE-2015-5234

  • EPSS 0.92%
  • Veröffentlicht 09.10.2015 14:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web ...

6.8

CVE-2015-5400

Exploit
  • EPSS 19.75%
  • Veröffentlicht 28.09.2015 20:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache_peer, which allows remote attackers to bypass intended restrictions and gain access to a backend proxy via a CONNECT request.

4.3

CVE-2015-6938

Exploit
  • EPSS 0.86%
  • Veröffentlicht 21.09.2015 19:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: ...

4.3

CVE-2015-6665

  • EPSS 0.82%
  • Veröffentlicht 24.08.2015 14:59:22
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the Ajax handler in Drupal 7.x before 7.39 and the Ctools module 6.x-1.x before 6.x-1.14 for Drupal allows remote attackers to inject arbitrary web script or HTML via vectors involving a whitelisted HTML el...

5

CVE-2015-6524

  • EPSS 0.66%
  • Veröffentlicht 24.08.2015 14:59:13
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x before 5.10.1 allows wildcard operators in usernames, which allows remote attackers to obtain credentials via a brute force attack. ...