Filtered by vendor Fedoraproject
Subscribe
Total
4940 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-5645 | 2 Fedoraproject, Freeciv | 2 Fedora, Freeciv | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption. | |||||
| CVE-2012-5644 | 4 Debian, Fedoraproject, Libuser Project and 1 more | 4 Debian Linux, Fedora, Libuser and 1 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| libuser has information disclosure when moving user's home directory | |||||
| CVE-2012-5630 | 3 Fedoraproject, Libuser Project, Redhat | 3 Fedora, Libuser, Enterprise Linux | 2024-11-21 | 3.3 LOW | 6.3 MEDIUM |
| libuser 0.56 and 0.57 has a TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees. | |||||
| CVE-2012-5617 | 2 Fedoraproject, Gksu-polkit Project | 2 Fedora, Gksu-polkit | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| gksu-polkit: permissive PolicyKit policy configuration file allows privilege escalation | |||||
| CVE-2012-5535 | 2 Fedoraproject, Gnome | 2 Fedora, Gnome-system-log | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| gnome-system-log polkit policy allows arbitrary files on the system to be read | |||||
| CVE-2012-5474 | 4 Debian, Fedoraproject, Openstack and 1 more | 4 Debian Linux, Fedora, Horizon and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package before 2012.1.1) is world readable and exposes the secret key value. | |||||
| CVE-2012-4524 | 2 Fedoraproject, Sillycycle | 2 Fedora, Xlockmore | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| xlockmore before 5.43 'dclock' security bypass vulnerability | |||||
| CVE-2012-4480 | 2 Fedoraproject, Ovirt | 2 Fedora, Mom | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| mom creates world-writable pid files in /var/run | |||||
| CVE-2012-4451 | 3 Fedoraproject, Redhat, Zend | 3 Fedora, Enterprise Linux, Zend Framework | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) Debug, (2) Feed\PubSubHubbub, (3) Log\Formatter\Xml, (4) Tag\Cloud\Decorator, (5) Uri, (6) View\Helper\HeadStyle, (7) View\Helper\Navigation\Sitemap, or (8) View\Helper\Placeholder\Container\AbstractStandalone, related to Escaper. | |||||
| CVE-2012-4428 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| openslp: SLPIntersectStringList()' Function has a DoS vulnerability | |||||
| CVE-2012-3462 | 1 Fedoraproject | 1 Sssd | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A flaw was found in SSSD version 1.9.0. The SSSD's access-provider logic causes the result of the HBAC rule processing to be ignored in the event that the access-provider is also handling the setup of the user's SELinux user context. | |||||
| CVE-2012-2130 | 3 Debian, Fedoraproject, Polarssl | 3 Debian Linux, Fedora, Polarssl | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| A Security Bypass vulnerability exists in PolarSSL 0.99pre4 through 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys. | |||||
| CVE-2012-1615 | 1 Fedoraproject | 2 Fedora, Sectool | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file. | |||||
| CVE-2012-1170 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough | |||||
| CVE-2012-1169 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs. | |||||
| CVE-2012-1168 | 3 Fedoraproject, Moodle, Redhat | 3 Fedora, Moodle, Enterprise Linux | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
| Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified. | |||||
| CVE-2012-1161 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results | |||||
| CVE-2012-1160 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.0 MEDIUM | 2.7 LOW |
| Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php | |||||
| CVE-2012-1159 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Moodle before 2.2.2: Overview report allows users to see hidden courses | |||||
| CVE-2012-1158 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export | |||||