Vulnerabilities (CVE)

Filtered by vendor Fedoraproject Subscribe
Total 4877 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-1169 2 Fedoraproject, Moodle 2 Fedora, Moodle 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs.
CVE-2012-1168 3 Fedoraproject, Moodle, Redhat 3 Fedora, Moodle, Enterprise Linux 2024-11-21 6.4 MEDIUM 8.2 HIGH
Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.
CVE-2012-1161 2 Fedoraproject, Moodle 2 Fedora, Moodle 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results
CVE-2012-1160 2 Fedoraproject, Moodle 2 Fedora, Moodle 2024-11-21 4.0 MEDIUM 2.7 LOW
Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php
CVE-2012-1159 2 Fedoraproject, Moodle 2 Fedora, Moodle 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Moodle before 2.2.2: Overview report allows users to see hidden courses
CVE-2012-1158 2 Fedoraproject, Moodle 2 Fedora, Moodle 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export
CVE-2012-1157 2 Fedoraproject, Moodle 2 Fedora, Moodle 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default
CVE-2012-1156 3 Fedoraproject, Moodle, Redhat 3 Fedora, Moodle, Enterprise Linux 2024-11-21 5.0 MEDIUM 7.5 HIGH
Moodle before 2.2.2 has users' private files included in course backups
CVE-2012-1155 4 Debian, Fedoraproject, Moodle and 1 more 4 Debian Linux, Fedora, Moodle and 1 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to
CVE-2012-1149 5 Apache, Debian, Fedoraproject and 2 more 10 Openoffice.org, Debian Linux, Fedora and 7 more 2024-11-21 7.5 HIGH N/A
Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.
CVE-2012-1146 3 Fedoraproject, Linux, Suse 5 Fedora, Linux Kernel, Linux Enterprise Desktop and 2 more 2024-11-21 4.9 MEDIUM 5.5 MEDIUM
The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events.
CVE-2012-1115 3 Debian, Fedoraproject, Ldap-account-manager 3 Debian Linux, Fedora, Ldap Account Manager 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.
CVE-2012-1114 3 Debian, Fedoraproject, Ldap-account-manager 3 Debian Linux, Fedora, Ldap Account Manager 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.
CVE-2012-1105 3 Apereo, Debian, Fedoraproject 3 Phpcas, Debian Linux, Fedora 2024-11-21 2.1 LOW 5.5 MEDIUM
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.
CVE-2012-0833 1 Fedoraproject 1 389 Directory Server 2024-11-21 2.3 LOW N/A
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service (infinite loop and CPU consumption) by binding to the server.
CVE-2012-0049 3 Debian, Fedoraproject, Openttd 3 Debian Linux, Fedora, Openttd 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
CVE-2012-0037 6 Apache, Debian, Fedoraproject and 3 more 13 Openoffice, Debian Linux, Fedora and 10 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
CVE-2011-5268 2 Duckcorp, Fedoraproject 2 Bip, Fedora 2024-11-21 4.3 MEDIUM N/A
connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLIT from CVE-2013-4550 because it is a different type of issue.
CVE-2011-4930 3 Condor Project, Fedoraproject, Redhat 3 Condor, Fedora, Enterprise Mrg 2024-11-21 4.4 MEDIUM N/A
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.
CVE-2011-4862 8 Debian, Fedoraproject, Freebsd and 5 more 10 Debian Linux, Fedora, Freebsd and 7 more 2024-11-21 10.0 HIGH N/A
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.