Filtered by vendor Fedoraproject Subscriptions
Filtered by product Fedora Subscriptions
Total 5125 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-7949 2 Fedoraproject, X.org 2 Fedora, Libxrender 2024-11-21 N/A
Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers to trigger out-of-bounds write operations via vectors involving length fields.
CVE-2016-7948 2 Fedoraproject, X.org 2 Fedora, Libxrandr 2024-11-21 N/A
X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data.
CVE-2016-7947 2 Fedoraproject, X.org 2 Fedora, Libxrandr 2024-11-21 N/A
Multiple integer overflows in X.org libXrandr before 1.5.1 allow remote X servers to trigger out-of-bounds write operations via a crafted response.
CVE-2016-7946 2 Fedoraproject, X.org 2 Fedora, Libxi 2024-11-21 N/A
X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length fields.
CVE-2016-7945 2 Fedoraproject, X.org 2 Fedora, Libxi 2024-11-21 N/A
Multiple integer overflows in X.org libXi before 1.7.7 allow remote X servers to cause a denial of service (out-of-bounds memory access or infinite loop) via vectors involving length fields.
CVE-2016-7944 2 Fedoraproject, X.org 2 Fedora, Libxfixes 2024-11-21 N/A
Integer overflow in X.org libXfixes before 5.0.3 on 32-bit platforms might allow remote X servers to gain privileges via a length value of INT_MAX, which triggers the client to stop reading data and get out of sync.
CVE-2016-7943 2 Fedoraproject, X.org 2 Fedora, Libx11 2024-11-21 N/A
The XListFonts function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving length fields, which trigger out-of-bounds write operations.
CVE-2016-7942 2 Fedoraproject, X.org 2 Fedora, Libx11 2024-11-21 N/A
The XGetImage function in X.org libX11 before 1.6.4 might allow remote X servers to gain privileges via vectors involving image type and geometry, which triggers out-of-bounds read operations.
CVE-2016-7545 3 Fedoraproject, Redhat, Selinux Project 9 Fedora, Enterprise Linux, Enterprise Linux Desktop and 6 more 2024-11-21 N/A
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
CVE-2016-7543 3 Fedoraproject, Gnu, Redhat 3 Fedora, Bash, Enterprise Linux 2024-11-21 N/A
Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables.
CVE-2016-7405 3 Adodb Project, Fedoraproject, Php 3 Adodb, Fedora, Php 2024-11-21 N/A
The qstr method in the PDO driver in the ADOdb Library for PHP before 5.x before 5.20.7 might allow remote attackers to conduct SQL injection attacks via vectors related to incorrect quoting.
CVE-2016-7167 3 Fedoraproject, Haxx, Redhat 5 Fedora, Libcurl, Enterprise Linux and 2 more 2024-11-21 N/A
Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow.
CVE-2016-7163 4 Debian, Fedoraproject, Redhat and 1 more 10 Debian Linux, Fedora, Enterprise Linux and 7 more 2024-11-21 7.8 High
Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
CVE-2016-7103 7 Debian, Fedoraproject, Jqueryui and 4 more 13 Debian Linux, Fedora, Jquery Ui and 10 more 2024-11-21 6.1 Medium
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
CVE-2016-6866 2 Fedoraproject, Suckless 2 Fedora, Slock 2024-11-21 N/A
slock allows attackers to bypass the screen lock via vectors involving an invalid password hash, which triggers a NULL pointer dereference and crash.
CVE-2016-6855 4 Canonical, Fedoraproject, Gnome and 1 more 6 Ubuntu Linux, Fedora, Eye Of Gnome and 3 more 2024-11-21 N/A
Eye of GNOME (aka eog) 3.16.5, 3.17.x, 3.18.x before 3.18.3, 3.19.x, and 3.20.x before 3.20.4, when used with glib before 2.44.1, allow remote attackers to cause a denial of service (out-of-bounds write and crash) via vectors involving passing invalid UTF-8 to GMarkup.
CVE-2016-6515 3 Fedoraproject, Openbsd, Redhat 3 Fedora, Openssh, Enterprise Linux 2024-11-21 N/A
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
CVE-2016-6494 2 Fedoraproject, Mongodb 2 Fedora, Mongodb 2024-11-21 N/A
The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive information by reading these files.
CVE-2016-6342 2 Elog Project, Fedoraproject 2 Elog, Fedora 2024-11-21 7.5 High
elog 3.1.1 allows remote attackers to post data as any username in the logbook.
CVE-2016-6323 3 Fedoraproject, Gnu, Opensuse 3 Fedora, Glibc, Opensuse 2024-11-21 N/A
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI (32-bit) platforms, which might allow context-dependent attackers to cause a denial of service (hang), as demonstrated by applications compiled using gccgo, related to backtrace generation.