Vulnerabilities (CVE)

Filtered by vendor Fedoraproject Subscribe

Filtered by product Extra Packages For Enterprise Linux

Total 64 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-27818	3 Debian, Fedoraproject, Libpng	4 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 1 more	2024-02-04	4.3 MEDIUM	3.3 LOW
A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low risk to application availability.
CVE-2020-9274	4 Canonical, Debian, Fedoraproject and 1 more	5 Ubuntu Linux, Debian Linux, Extra Packages For Enterprise Linux and 2 more	2024-02-04	5.0 MEDIUM	7.5 HIGH
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) function is called, they fail to correctly detect the end of the linked list and try to access a non-existent list member. This is related to init_aliases in diraliases.c.
CVE-2020-7106	5 Cacti, Debian, Fedoraproject and 2 more	8 Cacti, Debian Linux, Extra Packages For Enterprise Linux and 5 more	2024-02-04	4.3 MEDIUM	6.1 MEDIUM
Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS).
CVE-2023-51766	2 Exim, Fedoraproject	3 Exim, Extra Packages For Enterprise Linux, Fedora	2024-02-02	N/A	5.3 MEDIUM
Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not.