Filtered by vendor Fedoraproject Subscriptions
Filtered by product Fedora Subscriptions
Total 5244 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-3428 3 Fedoraproject, Imagemagick, Redhat 4 Extra Packages For Enterprise Linux, Fedora, Imagemagick and 1 more 2025-02-07 6.2 Medium
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service.
CVE-2020-1938 8 Apache, Blackberry, Debian and 5 more 27 Geode, Tomcat, Good Control and 24 more 2025-02-06 9.8 Critical
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations.
CVE-2021-40438 10 Apache, Broadcom, Debian and 7 more 25 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 22 more 2025-02-06 9 Critical
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2019-0211 8 Apache, Canonical, Debian and 5 more 28 Http Server, Ubuntu Linux, Debian Linux and 25 more 2025-02-06 7.8 High
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.
CVE-2021-22204 3 Debian, Exiftool Project, Fedoraproject 3 Debian Linux, Exiftool, Fedora 2025-02-06 6.8 Medium
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image
CVE-2021-39144 6 Debian, Fedoraproject, Netapp and 3 more 22 Debian Linux, Fedora, Snapmanager and 19 more 2025-02-06 8.5 High
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation to setup XStream's security framework with a whitelist limited to the minimal required types. XStream 1.4.18 uses no longer a blacklist by default, since it cannot be secured for general purpose.
CVE-2021-39226 3 Fedoraproject, Grafana, Redhat 5 Fedora, Grafana, Enterprise Linux and 2 more 2025-02-06 9.8 Critical
Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "public_mode" configuration setting is set to true (vs default of false), unauthenticated users are able to delete the snapshot with the lowest database key by accessing the literal path: /api/snapshots-delete/:deleteKey. Regardless of the snapshot "public_mode" setting, authenticated users are able to delete the snapshot with the lowest database key by accessing the literal paths: /api/snapshots/:key, or /api/snapshots-delete/:deleteKey. The combination of deletion and viewing enables a complete walk through all snapshot data while resulting in complete snapshot data loss. This issue has been resolved in versions 8.1.6 and 7.5.11. If for some reason you cannot upgrade you can use a reverse proxy or similar to block access to the literal paths: /api/snapshots/:key, /api/snapshots-delete/:deleteKey, /dashboard/snapshot/:key, and /api/snapshots/:key. They have no normal function and can be disabled without side effects.
CVE-2021-43612 3 Fedoraproject, Lldpd Project, Redhat 3 Fedora, Lldpd, Enterprise Linux 2025-02-06 7.5 High
In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.
CVE-2024-25629 3 C-ares, Fedoraproject, Redhat 5 C-ares, Fedora, Enterprise Linux and 2 more 2025-02-05 4.4 Medium
c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist.
CVE-2023-28856 4 Debian, Fedoraproject, Redhat and 1 more 4 Debian Linux, Fedora, Acm and 1 more 2025-02-05 5.5 Medium
Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue.
CVE-2024-22667 2 Fedoraproject, Vim 2 Fedora, Vim 2025-02-05 7.8 High
Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.
CVE-2020-15999 7 Debian, Fedoraproject, Freetype and 4 more 10 Debian Linux, Fedora, Freetype and 7 more 2025-02-05 9.6 Critical
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-38003 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-05 8.8 High
Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-38000 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2025-02-05 6.1 Medium
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.
CVE-2022-3038 2 Fedoraproject, Google 2 Fedora, Chrome 2025-02-05 8.8 High
Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2023-3079 7 Apple, Couchbase, Debian and 4 more 7 Macos, Couchbase Server, Debian Linux and 4 more 2025-02-05 8.8 High
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2021-21224 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-05 8.8 High
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2021-21193 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-05 8.8 High
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21148 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-05 8.8 High
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6418 4 Debian, Fedoraproject, Google and 1 more 7 Debian Linux, Fedora, Chrome and 4 more 2025-02-05 8.8 High
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.